cc2b2834d316155bdddcb057116ac82b3af42161e454c5f50a34d7e752ec18cc

Analysis

max time kernel
177s
max time network
213s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2023, 10:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
Size

96KB
MD5

a40eed1be68d52f456aa5f682b4b86d0
SHA1

7f081c1bf6c818d89bcb562199672293a77f121a
SHA256

cc2b2834d316155bdddcb057116ac82b3af42161e454c5f50a34d7e752ec18cc
SHA512

2d9bf799f23f506b1e7937908ad89dbf8298bf6f15ab84ee2581da8966a78fd216959ca0df6e5c0d6244b587605a3079a0b35c18eac2cd40af036ba663667a44
SSDEEP

768:W7BlphA7pARFbhOm0CAbLgIw0wUk/FPCbG4KPnGnBeBMcrmMcrOdo+i9do+iNX13:W7ZhA7pApH1rHBFceBMcSMcuyz8/8k

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\sk.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\co.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\el.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ku.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-multibyte-l1-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-string-l1-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvStreamingManager.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems64.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVScripting.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\mr.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ta.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-locale-l1-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ga.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\it.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\readme.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-file-l2-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-xstate-l2-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ca.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-stdio-l1-1-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVManifest.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\be.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\uk.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\io.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-file-l1-2-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\en.ttt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\uz.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\th.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\es.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\fur.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-synch-l1-2-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\pl.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2R32.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\7z.sfx.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\mng.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-localization-l1-2-0.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIntegration.dll.tmp	NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.a40eed1be68d52f456aa5f682b4b86d0_JC.exe"
1⤵
- Drops file in Program Files directory
PID:232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1045988481-1457812719-2617974652-1000\desktop.ini.tmp

Filesize
97KB

MD5
6f345867190e572d821b263adf7c9c27

SHA1
62a8f723b05303a41a6203f211eb1e58522fb4dd

SHA256
c10003f4792a0531a7e75dc0dd25b30e61b69f3bf0303cd2a87fdc22c95d0d07

SHA512
286b2378cd058b6ec4d2c27fcc4bd6eed9011207759e45214aea154f2cd6212af0e53092cf62b3b822ad8e719ad3de44661ebc80ca5654b6bb437290ca4b9d08

Download Submit
C:\odt\config.xml.tmp

Filesize
98KB

MD5
c9d129fd608fade15ce67065c23635e3

SHA1
2583dc9756d428b77cc6b5e4d657b563063caa1f

SHA256
b45db5b4ccb12db19898ac2b6e931db88aa8f3265065f5233fe1003487b25523

SHA512
cff47fad575d1151de32c55f0a6405d0ec6fddb007e1ab637f17d8b29321cb6f72f8c297358c681b495fca70d63181953d3099656727eb1682c63327c454a7db

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads