Overview

overview

3

Static

static

3

NEAS.73dd7...70.dll

windows7-x64

1

NEAS.73dd7...70.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/10/2023, 18:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.73dd76c5fb3d6ad8413d1c5079cd4370.dll

  • Size

    572KB

  • MD5

    73dd76c5fb3d6ad8413d1c5079cd4370

  • SHA1

    de7562d79900865a0e3754537c72c2defed1b1c5

  • SHA256

    890a7fbe5d2456ae67aedf38a5183d805bae88a6d27689c85b47480d71674381

  • SHA512

    826b6872de6620ee6b112286b98918669e77bbb9ff2c6e748236286056b5864cc158b40f85f362a21bd433262d2c0d2e2e56837a2baa659296f4bad975c46ebb

  • SSDEEP

    6144:hTpNEtfH20yzDv8tA0g8swwO51lb41MrvA4QxU2imhF33erBnW0w2u+0VX7lSMlT:zaf9yzuKekhVsM5IjvABeEpnuo

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.73dd76c5fb3d6ad8413d1c5079cd4370.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:924
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.73dd76c5fb3d6ad8413d1c5079cd4370.dll,#1
      2⤵
        PID:416

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads