Analysis

  • max time kernel
    154s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12/10/2023, 17:54

General

  • Target

    NEAS.0c1f21f4a685b7ae4793742c4f5484c0_JC.dll

  • Size

    127KB

  • MD5

    0c1f21f4a685b7ae4793742c4f5484c0

  • SHA1

    219368fb9b005dab4890e98b0104725fdb64f7ae

  • SHA256

    a958fd1a25a641a03769cb37de88e86ca1ad9dbc8b26baaee820731c173d3460

  • SHA512

    edd4b98b16d1b7c18ec797b0302d3f1204df5d0faec2ff8019c619887be4290fea6f351356f0b05a87bc77b7b457686d03118443b18af7d7f6e6b05120e463a9

  • SSDEEP

    1536:7VgxHldwsamaGKEYs2mOrUxRPLWgx6YjAE6k3HxoNqr9bzI5DLv:7UlWsadyxRKgkvE9bE5DLv

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.0c1f21f4a685b7ae4793742c4f5484c0_JC.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3860
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.0c1f21f4a685b7ae4793742c4f5484c0_JC.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2624

Network
