Analysis

  • max time kernel
    162s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-10-2023 20:34

General

  • Target

    NEAS.a8183377f88070b5d7f06be1330eb010.exe

  • Size

    182KB

  • MD5

    a8183377f88070b5d7f06be1330eb010

  • SHA1

    4ad686f062683f5eaea3cbb2c923efba3c8c3025

  • SHA256

    d3704e176ea8c6e8fbe65ad40da6504df7ead2a86b356ae56a5e7171e28dcb46

  • SHA512

    f1fae69830fc207ac88379a784bc8463c2388eb0104c778407acd756768f90e9735e6e4d7fb378a32ee19a5b19618999ee27959c5422293e848066dce100dc13

  • SSDEEP

    3072:2e+N8sceIO+wq4YuThkFcex8kD4wuitYpI0dZef0+7:2eBe2wsuThkKe81ppIwZef0+7

Score
8/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.a8183377f88070b5d7f06be1330eb010.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.a8183377f88070b5d7f06be1330eb010.exe"
    • Drops file in Program Files directory
    PID:3792
  • C:\PROGRA~3\Mozilla\osznrcg.exe
    C:\PROGRA~3\Mozilla\osznrcg.exe -jeeiybc
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1788

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\PROGRA~3\Mozilla\osznrcg.exe

    Filesize

    182KB

    MD5

    12cc15523289e90893c82c3fa53f2450

    SHA1

    7f2d23c9defec4b6684215f3d0683186b11feb69

    SHA256

    30751746277b7c32fc8b01667cf2df571d929cbfc7271064b9e6c18d9a2aaa74

    SHA512

    1707b6caaa30c3000acffaf6fc41878c91209cb7873ba7981060bc9e7036c7acf2617dee7d6516c14d50a0376526a1e35dd6cb529ad2e74c4090ccb0de480c85

  • C:\ProgramData\Mozilla\osznrcg.exe

    Filesize

    182KB

    MD5

    12cc15523289e90893c82c3fa53f2450

    SHA1

    7f2d23c9defec4b6684215f3d0683186b11feb69

    SHA256

    30751746277b7c32fc8b01667cf2df571d929cbfc7271064b9e6c18d9a2aaa74

    SHA512

    1707b6caaa30c3000acffaf6fc41878c91209cb7873ba7981060bc9e7036c7acf2617dee7d6516c14d50a0376526a1e35dd6cb529ad2e74c4090ccb0de480c85

  • memory/1788-11-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB

  • memory/1788-12-0x00000000006E0000-0x000000000073B000-memory.dmp

    Filesize

    364KB

  • memory/3792-0-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB

  • memory/3792-1-0x0000000000820000-0x000000000087B000-memory.dmp

    Filesize

    364KB

  • memory/3792-6-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB