2dcf0444fd57171b237298df5bcc80bab062ed11cd38f77822cafd9f40ddcebd

Analysis

max time kernel
184s
max time network
190s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14-10-2023 10:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
Size

51KB
MD5

06393968e27d3974d5da88dcda86da90
SHA1

da6077d9e184f1ade72fef799f309f2e5ae535f6
SHA256

2dcf0444fd57171b237298df5bcc80bab062ed11cd38f77822cafd9f40ddcebd
SHA512

664076cc3b78e397498f635254f48f88c0eb0cefba56838ba2f83304d090de6d2d6899fb9a6cb0cf9490062fb5f012ee68b0544f1b5d46c71c8c141cb8aa4eaa
SSDEEP

1536:W7ZQpApIyryyTcTSbyEmOTcTSbyEmtsPTt6:6QWpIAjTcTSWEmOTcTSWEmtsPTt6

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nl-nl.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\Content.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\kor-kor.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\System\ado\msado21.tlb.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ro-ro.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ja-JP\TipRes.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_rtl.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\nl-NL\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\zh-TW\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\de-DE\TabTip.exe.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\tr-TR\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ru-RU\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\fy.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.cs-cz.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base_heb.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipstr.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ja-JP\ShapeCollector.exe.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\mraut.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\7z.exe.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\mip.exe.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipscat.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\it-IT\InkObj.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\eo.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\ga.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fr-FR\TipTsf.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fr-FR\mshwLatin.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipshe.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipsptg.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\it-IT\tabskb.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\nb-NO\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\yo.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\mshwLatin.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-time-l1-1-0.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fr-CA\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\th-TH\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\7-Zip\Lang\it.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ar-sa.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\i640.hash.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\de-DE\InputPersonalization.exe.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\es-ES\TipRes.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\mshwgst.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-locale-l1-1-0.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\it-IT\mshwLatin.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RUI.dll.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\es-ES\tipresx.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert.xml.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ThirdPartyNotices.MSHWLatin.txt.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui.tmp	NEAS.06393968e27d3974d5da88dcda86da90_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.06393968e27d3974d5da88dcda86da90_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.06393968e27d3974d5da88dcda86da90_JC.exe"
1⤵
- Drops file in Program Files directory
PID:2672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3027552071-446050021-1254071215-1000\desktop.ini.tmp

Filesize
51KB

MD5
bc5d605598034facf092de2c21456d14

SHA1
fae8103c1c98e51eb3095d9b3f421a4cd9077da7

SHA256
687c4c40edc65efa379207f1a0f77fd59129751c827ca740d56c4152d74e7494

SHA512
36305cbf6658aa30808647314d4f7dfa3094a8bac84f2b9299ae79efd1a959610131711404cd7aeaa7790b21d9f5880bd6fc7424efdaa4b3c6fbabbf36762f32

Download Submit
C:\odt\config.xml.tmp

Filesize
52KB

MD5
1e5a8313cfec2f3a375ab08d0aed60fa

SHA1
c1b988cb12de0fe6b901b2ce01efce68ab13f828

SHA256
22488d01c4210ec212ed557b7ab286b857ba27ce5f9d56b0c73dee8e7c5bf444

SHA512
c233ffbdd787a9223f27dafbf9ca645505f4b636ba82d91c6710447876cae865d1453a836e166aa278f09b33f9429a6c33ea04ddeaaeb82517120603cf2992e0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads