a22e66340362f8959ca9cf90e01c8261e3b23711852a52c43ad9f315c94b8968

Analysis

max time kernel
147s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
22/10/2023, 17:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NEAS.e33a83620b177f53cb02d03a06c6c470.exe
Size

598KB
MD5

e33a83620b177f53cb02d03a06c6c470
SHA1

fb048c93bb1f4e61f2123ca0c040781ca0044308
SHA256

a22e66340362f8959ca9cf90e01c8261e3b23711852a52c43ad9f315c94b8968
SHA512

576ae7959097057d0356b6b7f17d8eb1cf7a2b8aa05b62a437aaadd03f01fdbf88d9075ba2203a8e68e597c4819da613bf207b370d5867493a2386e9e870ae93
SSDEEP

3072:bfKPw/6Nb8l4tYpDzo83H6JrgboTlyMvXOqms0itTBf28Vh+egc:zKP9NC4t8zErgsTlXvXBmJitTBe8Vh+C

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 1 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	107.178.223.183

Suspicious behavior: EnumeratesProcesses 48 IoCs

pid	Process
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe
1808	NEAS.e33a83620b177f53cb02d03a06c6c470.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.e33a83620b177f53cb02d03a06c6c470.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.e33a83620b177f53cb02d03a06c6c470.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1808

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads