Analysis
-
max time kernel
153s -
max time network
133s -
platform
windows7_x64 -
resource
win7-20230831-en -
resource tags
-
submitted
13-10-2023 20:32
General
-
Target
NEAS.9e2abb91a693371c19ed45a34a1db4c0.exe
-
Size
287KB
-
MD5
9e2abb91a693371c19ed45a34a1db4c0
-
SHA1
5124c1eb077f35cf5043367f86c1f8dc0f029702
-
SHA256
2cc8d9fc405d33d0fd8ee99b35a61e8e8781fac9a0a54cb03a23e3d0084776a2
-
SHA512
b646198f02e66390e817598da52c1a5796df8486789658d01a4963185d0eee1abf587bba6101c25a1f146d5506783a1d521dfa6eb05a6bd53583fd30e3f0e3e0
-
SSDEEP
3072:6e7WpGlYKUJTakSZObBPbl8EJrM2Q3Wgq:RqAlYdJT1bBDl8EJrM2Q3Wgq
Malware Config
Signatures
-
Renames multiple (115) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 32 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\NEAS.9e2abb91a693371c19ed45a34a1db4c0.exe"C:\Users\Admin\AppData\Local\Temp\NEAS.9e2abb91a693371c19ed45a34a1db4c0.exe"1⤵
- Drops file in Program Files directory
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
287KB
MD56b1c13f646208d5d2fc48fcf9f0ceea4
SHA169f83c12ed7848b6743511236ee00eff9d65dcb8
SHA2568fc9f5d4c12b2179fce2f3e174d08e26735816ea9ba778300dd4bab2cbb9a951
SHA51273eb32e211f2bdb47c8da7573d3b3b978bf5ebad9e94d9ca4ade104d28bbac1a75d9c40bfa2f789e51dd2155bf43d82f5d72a43f8ba708c69d8aea7f02df2fb7
-
Filesize
296KB
MD5eec831c6ada065d40a34617ce70f2615
SHA117268c8cad479e0f80eddc197721f855ffb661f9
SHA25680f2e440dcbf22207cb3312ea5303eeb87bb90a2c1138dbc529ad0bcd8bc5b7d
SHA512e34dda69dc1e19d44017d01989f7b354667349e9395143840d1059d14841f6130a7c2f7e68690187ef612eaf2e78eb215e9ba574f03d91f651adc0e9972c99b3