288ae6f9acaabc9b5a47e0f80eb67b7df39ccd79583bb2a880f0abaabefc4166

Analysis

max time kernel
13s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 15:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
Size

133KB
MD5

05ccc9cf70ca30e8f4cf44999c54fc70
SHA1

af9dac0587c65db019fdb52477fdadb3c55e3532
SHA256

288ae6f9acaabc9b5a47e0f80eb67b7df39ccd79583bb2a880f0abaabefc4166
SHA512

c25788c365cbea41be5459826ac2cd259090733f3c85230c4aac14f238f656e9cc8190610e42bbd0f9cc86bc61c75564aae9b2c444700cfac2a0fb69799e08c2
SSDEEP

3072:w/qP0m22Xtaz4QQ2esY4GSvlYywcMTYUzWy4jqeeZHbjnfDQc:+qP0mj9azCdsecEZWdjq3HbjnMc

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 17 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win32dc\Quake3 + serial.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\DAoC_trainer.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\Quake3 + hack.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\Doom 3_cheat.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\Doom 3_cheat.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike(fix).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\FlatOut(patch).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\Half-Life 2 cdfix.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\DAoC_trainer.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\UT2004(crack).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\FlatOut(patch).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\DAoC(crack).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\Counter-Strike(fix).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\Quake3 + serial.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\DAoC(crack).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File opened for modification	C:\Windows\win32dc\Quake3 + hack.exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
File created	C:\Windows\win32dc\UT2004(crack).exe	NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.05ccc9cf70ca30e8f4cf44999c54fc70_JC.exe"
1⤵
- Drops file in Windows directory
PID:3768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\Quake3 + serial.exe

Filesize
136KB

MD5
53e785d6aa8ed57645d04b366d8e3701

SHA1
24495871eb139dd2169dfedf7622c7c8160bc211

SHA256
9bf22c91e5cc5ef0170b6ea8fd1db2ddea4178dca380eeb60114fa5154f48624

SHA512
a6c43d52be9d6b836f2d5401b1c21ad37a792753d2c95a2ac15e4a7347f7fe0d10ec9892ee926acddbaeb04db2aca4b251fcd422a377bf83e22f64c8d4310d8e

Download Submit
memory/3768-19-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads