Analysis
-
max time kernel
20s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20230831-en -
resource tags
-
submitted
22-10-2023 17:30
General
-
Target
NEAS.e0ae5df1efe84b8fe966333a2d501f40.exe
-
Size
235KB
-
MD5
e0ae5df1efe84b8fe966333a2d501f40
-
SHA1
c94c76a103014399256be81a32d04e663f6b17e8
-
SHA256
90d3772db1b4414bedc912ac4001593a86d1b1f0d8d38cc037e5892f25a90628
-
SHA512
f7e8c8d2d7d8a1d8c9bb3646dcf153d91ea8dae2158dcf61e8554cc2dc1a868b0796106b87e34bbbbc3668befece187bbce76fc636b29dbe2322eb9e34b91763
-
SSDEEP
6144:OYngNOiTX2p1+XqaVbi3hVq8n8wdeIpjlsRJCK/:OYnIBKsXqc0Pn8fIpOP/
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\NEAS.e0ae5df1efe84b8fe966333a2d501f40.exe"C:\Users\Admin\AppData\Local\Temp\NEAS.e0ae5df1efe84b8fe966333a2d501f40.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\WScript.exe"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\RarSFX0\Twitch.vbs"2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD5302d3f5fc02e93b72ca9ef6c99af8e48
SHA1093fb93146b908b8f7ca5b4647d211f6a644256c
SHA256b601169face77962c3cc77cf3567f5751311ebc2f61779ac29cd1ab82acee52c
SHA5123ba83ff781003ed8d1d58a4cf267882c64fac5017ce9710b2a60c5a3236fce9c2c790203b1dbc1eb2e2cd3cb470a2cc98acc05a52ef737cd74e535104ee7054c