General
Target: 76f97fc2ef366a2c96900d49c974ad30_NEAS
Size: 89KB
Sample: 240507-pj4b2sfe4z
MD5: 76f97fc2ef366a2c96900d49c974ad30
SHA1: aa2eaa4646ff17ec847ab4c84e3cd7fe1e00d8ff
SHA256: ff28e249edb4edca58730de285c9aa5eb8697f5043d0a7e0198bb4d47c17a954
SHA512: 4a00ed05b6a4e1383a701eabe521956818792dec0847d445009e8b956bc4c3e445d2474ef05b5fd755f7a9c0d2eeb324461716bfc6698674b6f8b8bc5129eeba
SSDEEP: 1536:XHXqO6ZG03eyenOj9lgA/PObuTMT5NMCfL7ojaZf5aZlBlGy5:M1uF6Feu2NlQOBcGk
Static task: static1
Behavioral task: behavioral1
  Sample: 76f97fc2ef366a2c96900d49c974ad30_NEAS.dll
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 76f97fc2ef366a2c96900d49c974ad30_NEAS.dll
  Resource: win10v2004-20240419-en
Malware Config
Targets
Score: 8/10
- Blocklisted process makes network request
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Pre-OS Boot (1)
  - Bootkit (1)
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)