General

  • Target

    NEAS.c16f7834935194a30d1206d864020ec0.exe

  • Size

    285KB

  • Sample

    231021-1cyzjagh6x

  • MD5

    c16f7834935194a30d1206d864020ec0

  • SHA1

    350d2d017795f39fa3eaee3db1df8a2f07d068d2

  • SHA256

    b5f203e5841c108e6076fe5ed65557260b384bb03ad360672dd57cafa55b7024

  • SHA512

    057c3949b768180f8aae61d7c427de333a1465a8f004bce12525c33e037efa3af9bee1985978bfd89450c69ec6cdc9400780fb5ded41113802ab8326f4fb9e45

  • SSDEEP

    6144:RqlIyFESWu0SWu86jYYFg9e+eTSRqlIyFESWu0SWu86jYYFg9e+eTSq:tyW6jYYDStyW6jYYDSq

Score
9/10

Targets

    • Renames multiple (133) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Renames multiple (230) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
