General

  • Target

    NEAS.5feb253d9d485ea68558da37906bbe90.exe

  • Size

    84KB

  • Sample

    231013-y7es2acb58

  • MD5

    5feb253d9d485ea68558da37906bbe90

  • SHA1

    acf9ae2bdd715486e4714166a1f981546cdc22e7

  • SHA256

    dc9fe683d74055432a6916923f531eceae79a6ad3da7c5fd51d54520defbb965

  • SHA512

    5777ca02311e8270a123af28a6c6add7d9169fec14b35c452c4237888014578c7dcbc8dfd1cf185e819b688dea12ed5d0fc3f75b940c1b938dcf5cd4ac75b998

  • SSDEEP

    768:W7Blp2sspARFbhJpupZ5pZb7Blp2sspARFbhJpupZ5pZa:W7Z2sspApkZrZb7Z2sspApkZrZa

Score
9/10

Targets

    • Renames multiple (56) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
