Overview

overview

7

Static

static

3

NEAS.e8355...b0.exe

windows7-x64

7

NEAS.e8355...b0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    153s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/10/2023, 21:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.e8355e66dfaeecca7dcb27345453beb0.exe

  • Size

    4.6MB

  • MD5

    e8355e66dfaeecca7dcb27345453beb0

  • SHA1

    bcc7e0d22736d50ad83fda8ec92f62e1002639ac

  • SHA256

    01cf8d520a2abb406eccf745cc22a890418f1b118f90192f76199ac3d18fdf2b

  • SHA512

    540b4143643461120848667a8aa27c076ec1ddc61fa1b2b6f23df71e3013e3ca16ad5d814ea5449595f0be29c46b611624966d669f9a43eb0f756ba392eb13b9

  • SSDEEP

    49152:zY3Nyry3hD44t1xVFVFsD4WUNy/LTzmElg4EWJMGmNPXFEFXCN7U0Zf2YOE+SvOU:WWy3hDLt1D3QsA

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 25 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of AdjustPrivilegeToken 46 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.e8355e66dfaeecca7dcb27345453beb0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.e8355e66dfaeecca7dcb27345453beb0.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:5076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5076-0-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-2-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-1-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-3-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-5-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-7-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-9-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-11-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-13-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-15-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-17-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-19-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-21-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-23-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-25-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-27-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-29-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-31-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-33-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-35-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-37-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-39-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-41-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-43-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/5076-44-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download