Overview

overview

8

Static

static

3

NEAS.2b2ad...50.exe

windows7-x64

8

NEAS.2b2ad...50.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    148s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-10-2023 17:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2b2ad0f6a1b5196bb333c33e465a3e50.exe

  • Size

    144KB

  • MD5

    2b2ad0f6a1b5196bb333c33e465a3e50

  • SHA1

    1a8281cf60874dbe8732cf7b85c088b18176e16d

  • SHA256

    84c03321c8212d6d8f7465c66f1bf54288081101bfd3968dda5834d20ad208aa

  • SHA512

    12378150a5461d093dcaacd9645570db1f7b14c515bc07d18ef2ba26c4abc016e98a1f7bd58fe5143785e7fa59af793be4dfd7791860e1fd1b25ec7c0fc32335

  • SSDEEP

    3072:AGMohJ718OEiNBP718rBrBQyizKgtFJlsmi3:LhJ58OdV7CFiyiWC6mi3

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2b2ad0f6a1b5196bb333c33e465a3e50.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2b2ad0f6a1b5196bb333c33e465a3e50.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2172
  • C:\PROGRA~3\Mozilla\drpriek.exe
    C:\PROGRA~3\Mozilla\drpriek.exe -cidzxdc
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\drpriek.exe
    Filesize

    144KB

    MD5

    709be4df27deb7b75bf5a2ea80ee16bc

    SHA1

    656ba4dc83dd3c9821a2885fc9d620c48cce38f6

    SHA256

    78dc83c21a02e8813518d09740f68722196d81141dd65b6bbe02c062007f71a6

    SHA512

    fc00df38839c43512969894e2976606d7b59cf1f4491dd5e52d3b097b0986d6f3a39fd1fe64300b53a42cb00647773f80da36852ee2db5cc3a772e7899403080

    Download Submit

  • C:\ProgramData\Mozilla\drpriek.exe
    Filesize

    144KB

    MD5

    709be4df27deb7b75bf5a2ea80ee16bc

    SHA1

    656ba4dc83dd3c9821a2885fc9d620c48cce38f6

    SHA256

    78dc83c21a02e8813518d09740f68722196d81141dd65b6bbe02c062007f71a6

    SHA512

    fc00df38839c43512969894e2976606d7b59cf1f4491dd5e52d3b097b0986d6f3a39fd1fe64300b53a42cb00647773f80da36852ee2db5cc3a772e7899403080

    Download Submit

  • memory/1020-10-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1020-15-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2172-0-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2172-1-0x0000000000630000-0x0000000000631000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2172-2-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2172-3-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2172-8-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download