f16dd827a2b130582acece28b89ddb404a01a6eadc07003db434dc9f294e3ae2

General

Target

NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe
Size

980KB
MD5

678486f0e3d30a4483cb3a87d04b8aa0
SHA1

a7fe1f492f3fc6a4bd929dbdbf5cf66fcdcd75b8
SHA256

f16dd827a2b130582acece28b89ddb404a01a6eadc07003db434dc9f294e3ae2
SHA512

380582415c4561dd40e896dacdc8e980a9b6b6ed3533d40d319c213dbe79a5abc677b3b4ccfc26046c7e7741b85ea6e5386eb72fd3a8fee0fc1f80b0efd6b0e4
SSDEEP

12288:au2/Z2yP3qI7meS1NL3k9jZ54QDI0v6tL/6R5nWFpPoSOoVUQfUvmkD6u:j2/9+0KB0vc/hbM8iHp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 25 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1152-1-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-2-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-3-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-4-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-6-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-8-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-10-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-12-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-14-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-18-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-20-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-16-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-23-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-25-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-27-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-29-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-31-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-33-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-35-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-37-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-39-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-41-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-43-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-46-0x00000000030D0000-0x000000000310E000-memory.dmp	upx
behavioral1/memory/1152-47-0x00000000030D0000-0x000000000310E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1152	NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe
1152	NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe
1152	NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.678486f0e3d30a4483cb3a87d04b8aa0.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1152-0-0x0000000000400000-0x000000000051D000-memory.dmp

Filesize
1.1MB

Download
memory/1152-1-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-2-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-3-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-4-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-6-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-8-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-10-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-12-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-14-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-18-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-20-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-16-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-23-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-25-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-27-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-29-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-31-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-33-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-35-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-37-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-39-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-41-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-43-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-46-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-47-0x00000000030D0000-0x000000000310E000-memory.dmp

Filesize
248KB

Download
memory/1152-49-0x0000000000400000-0x000000000051D000-memory.dmp

Filesize
1.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads