Overview

overview

8

Static

static

3

NEAS.f9d21...f0.exe

windows7-x64

8

NEAS.f9d21...f0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    67s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-10-2023 08:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.f9d2129dc38e756b31544c2415b6fef0.exe

  • Size

    239KB

  • MD5

    f9d2129dc38e756b31544c2415b6fef0

  • SHA1

    f1a84c35490f76f4657c793105622dd341f65687

  • SHA256

    9645a116bf791e9fa1754ae3748618f8322c206f8f38dd67f60a8453ba8d1b33

  • SHA512

    12ab61057240da301910d479c52a276e49ddd39e13d428544dda11f54f82f6d04e65334c09d2965aba8f7f1d4479bd15c9e88fa9c1a7b7c565a653c57fb64de2

  • SSDEEP

    6144:Apg4rIvq5V8RjeJ3UolYrllUwXd3XrJKdXYU7:ApgNvqV8NA3NyRdNnKYU7

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.f9d2129dc38e756b31544c2415b6fef0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.f9d2129dc38e756b31544c2415b6fef0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:5096
  • C:\PROGRA~3\Mozilla\eakpvvm.exe
    C:\PROGRA~3\Mozilla\eakpvvm.exe -lxsxepj
    1⤵
    • Executes dropped EXE
    PID:1816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\eakpvvm.exe
    Filesize

    239KB

    MD5

    7d6ecb8eecdc37601bef718841e6f68c

    SHA1

    5b032a6f0fc868a9064e712e9cce1b2fec982cf1

    SHA256

    caa97556ff526485aca195181cdc7f675ab9c86d1a63cacc2fecfb39872d82aa

    SHA512

    07bf456d7961944d9cea192dfcfd5d77b67c8e2a699575bead7c36d07a54d1c72a02d7cd44d27ab568cc5297fe2eac32b272c1fc6125022f56ed670852126709

    Download Submit

  • C:\ProgramData\Mozilla\eakpvvm.exe
    Filesize

    239KB

    MD5

    7d6ecb8eecdc37601bef718841e6f68c

    SHA1

    5b032a6f0fc868a9064e712e9cce1b2fec982cf1

    SHA256

    caa97556ff526485aca195181cdc7f675ab9c86d1a63cacc2fecfb39872d82aa

    SHA512

    07bf456d7961944d9cea192dfcfd5d77b67c8e2a699575bead7c36d07a54d1c72a02d7cd44d27ab568cc5297fe2eac32b272c1fc6125022f56ed670852126709

    Download Submit

  • memory/1816-12-0x0000000000D60000-0x0000000000DBB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5096-0-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/5096-1-0x00000000021E0000-0x000000000223B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5096-2-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5096-3-0x00000000021E0000-0x000000000223B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5096-8-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download