Overview

overview

9

Static

static

3

NEAS.94f72...c0.exe

windows7-x64

9

NEAS.94f72...c0.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    151s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    16-10-2023 18:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.94f72abc78fa4a11fb2cc904e3baf0c0.exe

  • Size

    74KB

  • MD5

    94f72abc78fa4a11fb2cc904e3baf0c0

  • SHA1

    ccd0cb97130a9a07c40e1e5364e74f4a23e59368

  • SHA256

    9af6b6c345fc861535b18ad53dff8c2259be13abf4dda4476c3242d1290cb17b

  • SHA512

    aaaae6febe6967a5358fc1e4fc1a687dadd8a59092e6b477151dbe847ddbf7cd95c3dbe5c63cb038f12ed19df6f9002b34a0b7f6bde14bddefec0daac4c1f3c1

  • SSDEEP

    768:W7BlphA7pARFbhOm0CAbLg++PJHJzIWD4OsDTQbzjrY/+TQbzjrY/Sk/nUzpP/iN:W7ZhA7pApH1++PJHJXDsH9j+9j1

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (55) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.94f72abc78fa4a11fb2cc904e3baf0c0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.94f72abc78fa4a11fb2cc904e3baf0c0.exe"
    1⤵
      PID:1916

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\$Recycle.Bin\S-1-5-21-607259312-1573743425-2763420908-1000\desktop.ini.tmp
      Filesize

      74KB

      MD5

      0f44d7aef267da2f97d04aed9eb9fd44

      SHA1

      b7ca403590f63a9197c56b6f1c90951b5e6f4208

      SHA256

      af0b07a54e60342900ed839de424c90b4bb70d11d6b7dcc7c2fc984cb6f03734

      SHA512

      c2c625f05c829d814705109eecc9f9b6735f95617830223ad58f24699e60cf6f8d86f68ffc6f20dbc287cb575c65bb672fff5f5d93f380109a17c10cab559b55

      Download Submit

    • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
      Filesize

      83KB

      MD5

      8435de355eef28e69201c695427358f2

      SHA1

      83f2465679900ff7f00b5ad4e443b25ef29fccf9

      SHA256

      bb46824e45b9cc2a523c82b435b76b6ac9d181ce4e4c8b6f5bf5bb043e185c51

      SHA512

      21558758a97501311493483c70a1cc63a7ecaa535c0bd8431a286f6b63c466fc11a8bd44f5d5e574f3ff8c923d10aa8644c247438a16a66aac873885a9d88a96

      Download Submit