General
-
Target
NEAS.19a58f81b02199879dc32323dcd079b0.exe
-
Size
211KB
-
Sample
231117-yp72vsdd87
-
MD5
19a58f81b02199879dc32323dcd079b0
-
SHA1
202bab4b8926c0462b383fce99f848c6a601fed3
-
SHA256
a52fdfb6ccf0200b9ebcb2c313c37e52bc066612a0be860dd24a8ea56b772ed8
-
SHA512
963beec0654bf293b589db3e3f42fb84d21803703a5d5ad719b3f52c08a4d9a497fcccc03fed16d59e972f5b661ca87d90e4759d721f80698a5b8d7bf5184612
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO0:Jh8cBzHLRMpZ4d1Z0
Malware Config
Targets
-
-
Target
NEAS.19a58f81b02199879dc32323dcd079b0.exe
-
Size
211KB
-
MD5
19a58f81b02199879dc32323dcd079b0
-
SHA1
202bab4b8926c0462b383fce99f848c6a601fed3
-
SHA256
a52fdfb6ccf0200b9ebcb2c313c37e52bc066612a0be860dd24a8ea56b772ed8
-
SHA512
963beec0654bf293b589db3e3f42fb84d21803703a5d5ad719b3f52c08a4d9a497fcccc03fed16d59e972f5b661ca87d90e4759d721f80698a5b8d7bf5184612
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO0:Jh8cBzHLRMpZ4d1Z0
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1