9b8891e4c6bf7179fd0dd5e8b59ac7a897a18bd285543bbae2305411a793d165 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

NEAS.b1856...f0.exe

windows7-x64

9

NEAS.b1856...f0.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b18568c0de530478f3e7b1d49f7e77f0.exe
Size

198KB
Sample

231014-xtvfwsgg26
MD5

b18568c0de530478f3e7b1d49f7e77f0
SHA1

ffd9a719b4ae4f5d9519937c8ca75879a05c2f25
SHA256

9b8891e4c6bf7179fd0dd5e8b59ac7a897a18bd285543bbae2305411a793d165
SHA512

55d207872722baadc87ae59a4207c09b647fd091f8c72227f7f25421a87263fda7056ec421016ac763f01b6adb8ecaeff826142dad9fb28318b1866f67c6e941
SSDEEP

3072:6e7Wp9TcTSWEmOTcTSWEmAe7Wp9TcTSWEmOTcTSWEmb:Rq5Z0q5Z+

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

NEAS.b18568c0de530478f3e7b1d49f7e77f0.exe

Resource

win7-20230831-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.b18568c0de530478f3e7b1d49f7e77f0.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.b18568c0de530478f3e7b1d49f7e77f0.exe
- Size
  
  198KB
- MD5
  
  b18568c0de530478f3e7b1d49f7e77f0
- SHA1
  
  ffd9a719b4ae4f5d9519937c8ca75879a05c2f25
- SHA256
  
  9b8891e4c6bf7179fd0dd5e8b59ac7a897a18bd285543bbae2305411a793d165
- SHA512
  
  55d207872722baadc87ae59a4207c09b647fd091f8c72227f7f25421a87263fda7056ec421016ac763f01b6adb8ecaeff826142dad9fb28318b1866f67c6e941
- SSDEEP
  
  3072:6e7Wp9TcTSWEmOTcTSWEmAe7Wp9TcTSWEmOTcTSWEmb:Rq5Z0q5Z+
Score

9^/10

ransomware
- Renames multiple (324) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy