Overview

overview

8

Static

static

3

NEAS.c9b79...10.exe

windows7-x64

8

NEAS.c9b79...10.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    139s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2023, 20:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.c9b79e3ee2894479cad82c7547c61e10.exe

  • Size

    139KB

  • MD5

    c9b79e3ee2894479cad82c7547c61e10

  • SHA1

    5eeaacab4999e850dcbebb22b082145d7f44ef33

  • SHA256

    78b51cde77394b83adfac451e0ae076fe21c83654b970538efd0328d2f9cc519

  • SHA512

    c4ea89d96989b59e3a1e1c8ea63fedc7934f3a61d713cee3aa6c88b5b274dd8f926f5592751aed4d5b9d34e4bd546cb9bed5eb209d5ed1d4e190739579a08b82

  • SSDEEP

    3072:9hlkUC7wGnLduIVs/wGD0WQubZ0Bbm7HWKlrreiBDc4:9DkIGn8IVODChBSbWKl1Dc4

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.c9b79e3ee2894479cad82c7547c61e10.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.c9b79e3ee2894479cad82c7547c61e10.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1924
  • C:\PROGRA~3\Mozilla\xxmjpmn.exe
    C:\PROGRA~3\Mozilla\xxmjpmn.exe -nznotnb
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\xxmjpmn.exe
    Filesize

    139KB

    MD5

    31e353d5c5138b9f6ca7ddddfff217fd

    SHA1

    e2ffa4084d95e7257c412c77ac5e22c746b5dd4b

    SHA256

    2644d262ac021f7776ed7dc83f649c8bf4acb26103ed51f99b172ef7b56f1586

    SHA512

    2500ba33fa12ca3391609ae88f879d21a2e69a02fd3b6cc06fdb2d25964188830cd6cfc7e0d998211064d3506199414842f606dd1aae2dd4cbb1e01057fc74c5

    Download Submit

  • C:\ProgramData\Mozilla\xxmjpmn.exe
    Filesize

    139KB

    MD5

    31e353d5c5138b9f6ca7ddddfff217fd

    SHA1

    e2ffa4084d95e7257c412c77ac5e22c746b5dd4b

    SHA256

    2644d262ac021f7776ed7dc83f649c8bf4acb26103ed51f99b172ef7b56f1586

    SHA512

    2500ba33fa12ca3391609ae88f879d21a2e69a02fd3b6cc06fdb2d25964188830cd6cfc7e0d998211064d3506199414842f606dd1aae2dd4cbb1e01057fc74c5

    Download Submit

  • memory/1048-10-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1048-15-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1924-1-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1924-2-0x00000000005B0000-0x00000000005B2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1924-3-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1924-9-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download