51521777b533ebdfaee43a39ea66f4ad7594c1e2e1e541e9faf85f61c2c1591e

Analysis

max time kernel
151s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
06/10/2023, 12:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
Size

70KB
MD5

9cbd3a2e66b06a2826e3f21f0a2660c8
SHA1

8bff82b1f0afe5adf5ca97ac6156eda0620fb974
SHA256

51521777b533ebdfaee43a39ea66f4ad7594c1e2e1e541e9faf85f61c2c1591e
SHA512

81a75495e1d3e237aefe3f134f08fa22f5aae75b429276e52a044222bc7ab136a7d7af6da4dc0b9b65248d866b2f0aab639fd4b65725276347c8281d19f34f2b
SSDEEP

1536:W7ZhA7pApH9QHwtRF9ESWu0SWutlggalgg+hgEDt:6e7WpHIyRF9ESWu0SWuDmIgi

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\bin\dtplugin\npdeployJava1.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\org.eclipse.rcp_root_4.4.0.v20141007-2301.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\bin\jvisualvm.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\lib\boot.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Grace-ul-oob.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\7-Zip\Lang\sr-spc.txt.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_Grace-ppd.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Office16\1033\GRAPH.HXS.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\sunpkcs11.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Client\msvcr120.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\db\bin\NetworkServerControl.bat.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\bin\rmid.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jre1.8.0_66\lib\plugin.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019R_Retail-ul-phn.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\InkObj.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvmstat.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\lib\ext\meta-index.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\O365SmallBusPremR_SubTrial4-pl.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\lib\images\cursors\win32_LinkDrop32x32.gif.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\bin\orbd.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-oql.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-pl.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\ProPlus2019MSDNR_Retail-pl.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-charts.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\Word2019R_Trial-ul-oob.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\VSTO\vstoee100.tlb.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\jre\lib\fonts\LucidaTypewriterBold.ttf.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\VisioProVL_KMS_Client-ppd.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Office16\1033\AccessRuntime2019_eula.txt.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\bin\jjs.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\ProjectPro2019MSDNR_Retail-pl.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.cs-cz.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_zh_CN.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription2-ppd.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Internet Explorer\ExtExport.exe.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jre1.8.0_66\bin\verify.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Retail-ul-oob.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pt-br.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvSubsystemController.dll.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_OEM_Perp2-ul-oob.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019R_Trial-ppd.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\Personal2019R_Retail-pl.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.nl_zh_4.4.0.v20140623020002.jar.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\es-ES\TabTip.exe.mui.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Java\jre1.8.0_66\lib\deploy\[email protected]	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
File created	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusiness2019R_Retail-ul-phn.xrm-ms.tmp	NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.9cbd3a2e66b06a2826e3f21f0a2660c8exe_JC.exe"
1⤵
- Drops file in Program Files directory
PID:5092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3027552071-446050021-1254071215-1000\desktop.ini.tmp

Filesize
70KB

MD5
105f267017fb94fbb43298717303c404

SHA1
182cb0d42c571baa966e430330ad7999c5137f95

SHA256
4861879235ca752fcab41d30df96b1e91a858bd8b6d10194a0962d74e95b3216

SHA512
07406014e4a7aa32c7085b86cffb1fd4c3a3aca9cecbf69c51b4d3174a40ced16feb6ef0b31fcfded9deb9dd295d5626868e74ad86bdf49e90b5da343b1455a5

Download Submit
C:\odt\config.xml.tmp

Filesize
71KB

MD5
684b4ab7eccbb69271b538025aa9ea8e

SHA1
97f0a1afc3ced14346fdf9fcec404c3b3e57869d

SHA256
75096616e38e39a82cbf153c3c790860bf3b30b2cac2bf37d406886239ba41ec

SHA512
e474a3cb1c47462ec692c371c03a44080da7f8a02a1e3997c67a5abf3487781a0c16ecb0be50a17df7086580e477c85ab809c9b3017b42f9cb96e6e9f0e26a19

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads