Overview

overview

3

Static

static

3

NEAS.68a0c...10.dll

windows7-x64

1

NEAS.68a0c...10.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    195s
  • max time network
    226s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.68a0cf5e42835372471b0a1b88c80a10.dll

  • Size

    6KB

  • MD5

    68a0cf5e42835372471b0a1b88c80a10

  • SHA1

    5009faba9a3cf2d9b9d59f858db3a2eaada90d48

  • SHA256

    7806c87b8fb2c12611732a1d762c296a320357a83cf04e50bd65982307f547f2

  • SHA512

    749c0b5f35f0614b76e9049ab4ede9a08562a4028f4e62d289087c74d7dcfcaa49cb9747a0305715d7b14fdc3cf51a6e6a42ef7c3d0b88d356778e1832a40628

  • SSDEEP

    96:nEY2RrF1eqwi4crEdt212i8vn9XQlSR2hfrdxpCxdaAil:EHRh1eppcrc21n8v9v2fxpIE

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.68a0cf5e42835372471b0a1b88c80a10.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:712
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.68a0cf5e42835372471b0a1b88c80a10.dll,#1
      2⤵
        PID:3924

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads