Overview

overview

10

Static

static

3

NEAS.9509b...00.exe

windows7-x64

10

NEAS.9509b...00.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.9509b9e6afc88badfb05513ec8364000.exe

  • Size

    527KB

  • Sample

    231106-c1jbzshf38

  • MD5

    9509b9e6afc88badfb05513ec8364000

  • SHA1

    92a7b363433ba69aa048e270423341a4af9318fd

  • SHA256

    e621ebaf4e3c05c607376784b15778c58d82d3be9f130954217d01a94f3a3dd9

  • SHA512

    e37310ba981d5ea660e75addb3e3be93b3fa290bc51787818db68380c7ea8c3c4a3dec5528fb4162a842d886b1a8f0d6309037bfca02be12044a628d3dc00e0d

  • SSDEEP

    6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOutmjtugxiUSOCT6REMWtYEF:/pW2IoioS66EiUbEMiYEF

Score
10/10
discoveryevasionexploitpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.9509b9e6afc88badfb05513ec8364000.exe

    • Size

      527KB

    • MD5

      9509b9e6afc88badfb05513ec8364000

    • SHA1

      92a7b363433ba69aa048e270423341a4af9318fd

    • SHA256

      e621ebaf4e3c05c607376784b15778c58d82d3be9f130954217d01a94f3a3dd9

    • SHA512

      e37310ba981d5ea660e75addb3e3be93b3fa290bc51787818db68380c7ea8c3c4a3dec5528fb4162a842d886b1a8f0d6309037bfca02be12044a628d3dc00e0d

    • SSDEEP

      6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOutmjtugxiUSOCT6REMWtYEF:/pW2IoioS66EiUbEMiYEF

    Score
    10/10
    discoveryevasionexploitpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks