General

  • Target

    NEAS.29629b8855cfb196334d9d79bee77c10.exe

  • Size

    87KB

  • Sample

    231014-wdz6rsge5v

  • MD5

    29629b8855cfb196334d9d79bee77c10

  • SHA1

    a3d0f4d996623a092792595bdbe22c3ca124e3f2

  • SHA256

    3b1b1d76a06a900b5c105dbba8e8b8b869a0fd51e758684a9099387898eee701

  • SHA512

    58945f2fe0f9aef79c3f7205f4b186791af962b347868435778e1ec6fa09099ce85f5e7efd407fb8a56b68eb06c43ac7116e40a78dbcd8571bdcab8142c19696

  • SSDEEP

    768:W7Blp2sspARFbhJpupZ5pZe7Blp2sspARFbhJpupZ5pZ47FV7FC:W7Z2sspApkZrZe7Z2sspApkZrZx

Score
9/10

Targets

    • Target

      NEAS.29629b8855cfb196334d9d79bee77c10.exe

    Score
    9/10
    • Renames multiple (226) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
