Overview

overview

7

Static

static

3

NEAS.797c9...e0.exe

windows7-x64

7

NEAS.797c9...e0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 20:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.797c98d58933c6fdfc8dd93792357de0.exe

  • Size

    444KB

  • MD5

    797c98d58933c6fdfc8dd93792357de0

  • SHA1

    97b36c69e8873cc6e35fecb1794657315f22626e

  • SHA256

    5a2c6ebdd5947c67fcd098da4e88723f738fd02dfa3d60769b921bd5d4c12296

  • SHA512

    04107cd892dc91a1d905db93c3f71901371c552bc37e21b30a55a254e274badd3caf8b33359da82b85c9d81e5f343b77c447f07eb443a88347e871adf006a5f4

  • SSDEEP

    12288:Nb4bZudi79LwoQrERXZBvGOxD+OSJg2A:Nb4bcdkLyrERXZFxDrSJ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.797c98d58933c6fdfc8dd93792357de0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.797c98d58933c6fdfc8dd93792357de0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Users\Admin\AppData\Local\Temp\2E03.tmp
      "C:\Users\Admin\AppData\Local\Temp\2E03.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.797c98d58933c6fdfc8dd93792357de0.exe 0208D045BD080D8741500B13A1E4FA0872F21500E3B43657C349E660630273A806C999F5E16458B7BB522B1753D799AC45659C3846015DAE274FF08816F96262
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1176

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\2E03.tmp
          Filesize

          444KB

          MD5

          9d1c1649f6814bdea2c6ae6ae4257e08

          SHA1

          51a34256a218be6ec6a7862d8bc5a55ff1bce0bc

          SHA256

          5402a3e8d523f99beeec1c26ed9ecdfc1fff8001810c04179b334884677125d1

          SHA512

          167744b1155f34440400b7e858c816c89802b58fa14c79a409b4c6319900b046c22127972041165a738cf5699ae0993dd94fda4a3955f9350718cb61bdf74a3a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\2E03.tmp
          Filesize

          444KB

          MD5

          9d1c1649f6814bdea2c6ae6ae4257e08

          SHA1

          51a34256a218be6ec6a7862d8bc5a55ff1bce0bc

          SHA256

          5402a3e8d523f99beeec1c26ed9ecdfc1fff8001810c04179b334884677125d1

          SHA512

          167744b1155f34440400b7e858c816c89802b58fa14c79a409b4c6319900b046c22127972041165a738cf5699ae0993dd94fda4a3955f9350718cb61bdf74a3a

          Download Submit