General
-
Target
NEAS.4fab848c48f6f989acd2a29f679fcdb0.exe
-
Size
475KB
-
Sample
231105-yg58asdb34
-
MD5
4fab848c48f6f989acd2a29f679fcdb0
-
SHA1
5538553e2589b08f8419014b3453639604e1d12e
-
SHA256
115dec297bb72c417f8bcbb72a3303138c377b93694c16a01f2bb4e5466540f4
-
SHA512
b360ebaa1e650f3f89877f4004e67c659359cf1e1591935147908c675b461cd68d24f46eb54aba06b61f2e7e955c563a2bc03d4cda83372d0f4dc537c8185566
-
SSDEEP
6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKEl+/:nRDc3yWDNU+YUznzNjElWaT07NQt+/
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.4fab848c48f6f989acd2a29f679fcdb0.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.4fab848c48f6f989acd2a29f679fcdb0.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
Target
NEAS.4fab848c48f6f989acd2a29f679fcdb0.exe
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (3)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (3)
Create or Modify System Process (1)
Windows Service (1)