Overview

overview

7

Static

static

3

NEAS.f79e8...JC.exe

windows7-x64

7

NEAS.f79e8...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.f79e8366e8ff98e1ca7bed52a124121144cfac98d80a723a8f52d2eb4eaf9025_JC.exe

  • Size

    382KB

  • MD5

    784d72893d7bfac3e3e9c5473e9d1d60

  • SHA1

    6bb8598faf50c91c6a610d1a746c68aea8d78f68

  • SHA256

    f79e8366e8ff98e1ca7bed52a124121144cfac98d80a723a8f52d2eb4eaf9025

  • SHA512

    bd8ef23bf96aaa09862031cce9763af4a2d93422d419932c21b370d428f3a5dd8515060376c98fc16960b31e1714cbb9ec6070342ebf71d2ed00d495eedd392b

  • SSDEEP

    6144:xplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:xplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.f79e8366e8ff98e1ca7bed52a124121144cfac98d80a723a8f52d2eb4eaf9025_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.f79e8366e8ff98e1ca7bed52a124121144cfac98d80a723a8f52d2eb4eaf9025_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files\handling\interface.exe
      "C:\Program Files\handling\interface.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\handling\interface.exe
    Filesize

    382KB

    MD5

    efbb5fbda82a198fc1770f18a03c5ef8

    SHA1

    d71b74bc05dfdce5465498b2bc93a34744a6df6a

    SHA256

    9551e7560246bc490d8814898935027b21ba1d9433f34051905f6f61a30d26ad

    SHA512

    d0418dd91ef5db198434a969f5a06515c763857d700f7ec87b8e0ccf02a7616a873a6055b014d290243b9a87142ca74b73c5f9edfd18c9035729f8591630ac54

    Download Submit

  • C:\Program Files\handling\interface.exe
    Filesize

    382KB

    MD5

    efbb5fbda82a198fc1770f18a03c5ef8

    SHA1

    d71b74bc05dfdce5465498b2bc93a34744a6df6a

    SHA256

    9551e7560246bc490d8814898935027b21ba1d9433f34051905f6f61a30d26ad

    SHA512

    d0418dd91ef5db198434a969f5a06515c763857d700f7ec87b8e0ccf02a7616a873a6055b014d290243b9a87142ca74b73c5f9edfd18c9035729f8591630ac54

    Download Submit

  • \Program Files\handling\interface.exe
    Filesize

    382KB

    MD5

    efbb5fbda82a198fc1770f18a03c5ef8

    SHA1

    d71b74bc05dfdce5465498b2bc93a34744a6df6a

    SHA256

    9551e7560246bc490d8814898935027b21ba1d9433f34051905f6f61a30d26ad

    SHA512

    d0418dd91ef5db198434a969f5a06515c763857d700f7ec87b8e0ccf02a7616a873a6055b014d290243b9a87142ca74b73c5f9edfd18c9035729f8591630ac54

    Download Submit

  • \Program Files\handling\interface.exe
    Filesize

    382KB

    MD5

    efbb5fbda82a198fc1770f18a03c5ef8

    SHA1

    d71b74bc05dfdce5465498b2bc93a34744a6df6a

    SHA256

    9551e7560246bc490d8814898935027b21ba1d9433f34051905f6f61a30d26ad

    SHA512

    d0418dd91ef5db198434a969f5a06515c763857d700f7ec87b8e0ccf02a7616a873a6055b014d290243b9a87142ca74b73c5f9edfd18c9035729f8591630ac54

    Download Submit