92c8b7d11f565ad7bcf6d9819cf77d2546d7b6a62eeb268be4938929d077f6e9

Analysis

max time kernel
156s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
22/10/2023, 17:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NEAS.39be729cc7d83ab95defa77934f671a0.exe
Size

1.6MB
MD5

39be729cc7d83ab95defa77934f671a0
SHA1

1af571a3ebfe9260d400e5503fa3c471ac762d93
SHA256

92c8b7d11f565ad7bcf6d9819cf77d2546d7b6a62eeb268be4938929d077f6e9
SHA512

a836c298afbdd5b202e99a2e29058a37d2d3be550005d054e0b7bb52dc9e93972da720034b0202ea2233a76404f2faedf3b38e0d678419bb066b16f4a9151ad5
SSDEEP

24576:wA60zChg5U+9D8EpTY0VSuNRZ+6as3K2IrMSjnwkZMG51Ck0igz5BC+l4T31wck5:7zp5hDNLRIpswjw9q11mwScaF

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4404	NEAS.39be729cc7d83ab95defa77934f671a0.tmp

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1348 wrote to memory of 4404	1348	NEAS.39be729cc7d83ab95defa77934f671a0.exe	86
PID 1348 wrote to memory of 4404	1348	NEAS.39be729cc7d83ab95defa77934f671a0.exe	86
PID 1348 wrote to memory of 4404	1348	NEAS.39be729cc7d83ab95defa77934f671a0.exe	86

C:\Users\Admin\AppData\Local\Temp\NEAS.39be729cc7d83ab95defa77934f671a0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.39be729cc7d83ab95defa77934f671a0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1348
- C:\Users\Admin\AppData\Local\Temp\is-U7Q1I.tmp\NEAS.39be729cc7d83ab95defa77934f671a0.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-U7Q1I.tmp\NEAS.39be729cc7d83ab95defa77934f671a0.tmp" /SL5="$9021C,1417544,54272,C:\Users\Admin\AppData\Local\Temp\NEAS.39be729cc7d83ab95defa77934f671a0.exe"
  2⤵
  - Executes dropped EXE
  PID:4404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-U7Q1I.tmp\NEAS.39be729cc7d83ab95defa77934f671a0.tmp

Filesize
687KB

MD5
c49b0148cb58b886f60cb32eb5e81439

SHA1
9c64093d08c5ea02a3622f2b616546d3c67a2360

SHA256
fc13f965789a342dba0784492c2e2797ab92bdeaa6532e125b04be81675c0810

SHA512
70968fa616ff38b39e9b266c38f99e4b25a749d5f84706c3302e2e218cfcf9b18cc8bd2017d630ed27fc7e291a748477f23bb9d447745654d06ca58845ea918b

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-U7Q1I.tmp\NEAS.39be729cc7d83ab95defa77934f671a0.tmp

Filesize
687KB

MD5
c49b0148cb58b886f60cb32eb5e81439

SHA1
9c64093d08c5ea02a3622f2b616546d3c67a2360

SHA256
fc13f965789a342dba0784492c2e2797ab92bdeaa6532e125b04be81675c0810

SHA512
70968fa616ff38b39e9b266c38f99e4b25a749d5f84706c3302e2e218cfcf9b18cc8bd2017d630ed27fc7e291a748477f23bb9d447745654d06ca58845ea918b

Download Submit
memory/1348-1-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1348-3-0x00000000026B0000-0x00000000027DE000-memory.dmp

Filesize
1.2MB

Download
memory/1348-4-0x00000000027E0000-0x000000000290D000-memory.dmp

Filesize
1.2MB

Download
memory/1348-5-0x0000000002910000-0x0000000002A43000-memory.dmp

Filesize
1.2MB

Download
memory/1348-20-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/4404-15-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download
memory/4404-22-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/4404-23-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads