Overview

overview

10

Static

static

3

NEAS.c9af3...80.exe

windows7-x64

10

NEAS.c9af3...80.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.c9af308848199541ef583fdc03878680.exe

  • Size

    80KB

  • Sample

    231111-xvsnpabb8v

  • MD5

    c9af308848199541ef583fdc03878680

  • SHA1

    bf51d2273b0897dd24c7e918894205518ba21f9d

  • SHA256

    31fa9f0f08fe2187c32f3dce3bdcd5c024646ee741c7d561b17a61f09757e6c7

  • SHA512

    9a71bfc195f42f5de898e39a42454e82b6af8b3c37bb6f546b22201a460e2de7d247cf7adc68b6596450cdb60a2986c081829ed0742247bd0f6905ef154231aa

  • SSDEEP

    1536:TxPsU4/riMeTOl5K87SckiFNuv1JYEiiBCd2LHJ9VqDlzVxyh+CbxMa:TdsOCd7ShCIbLHJ9IDlRxyhTb7

Score
10/10
persistence

Malware Config

Targets

    • Target

      NEAS.c9af308848199541ef583fdc03878680.exe

    • Size

      80KB

    • MD5

      c9af308848199541ef583fdc03878680

    • SHA1

      bf51d2273b0897dd24c7e918894205518ba21f9d

    • SHA256

      31fa9f0f08fe2187c32f3dce3bdcd5c024646ee741c7d561b17a61f09757e6c7

    • SHA512

      9a71bfc195f42f5de898e39a42454e82b6af8b3c37bb6f546b22201a460e2de7d247cf7adc68b6596450cdb60a2986c081829ed0742247bd0f6905ef154231aa

    • SSDEEP

      1536:TxPsU4/riMeTOl5K87SckiFNuv1JYEiiBCd2LHJ9VqDlzVxyh+CbxMa:TdsOCd7ShCIbLHJ9IDlRxyhTb7

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks