Overview

overview

6

Static

static

3

NEAS.36496...00.exe

windows7-x64

6

NEAS.36496...00.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    49s
  • max time network
    55s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/10/2023, 17:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.364964d8e11f3d73a5bced11bd8fa100.exe

  • Size

    733KB

  • MD5

    364964d8e11f3d73a5bced11bd8fa100

  • SHA1

    910197fe279b0d66f52f57732fceca15b5e88fda

  • SHA256

    0e35ef8626c0150e10b071a802146a372380cc7d02b156bebc0122c45b913ef3

  • SHA512

    e5c3f01485976bb92ecf87a2777b8a36f0c12c5049321090cac43d44f808235f969dc7474564af329004325afcac475896e77cf86e4e62735c8ef0be55331b24

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1b:Hha8iAx+1zwjJHd6vB/ANMfwwfm

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.364964d8e11f3d73a5bced11bd8fa100.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.364964d8e11f3d73a5bced11bd8fa100.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:3308

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE
    Filesize

    743KB

    MD5

    d55d5e6dd8ec1bf693e98a8c12162a76

    SHA1

    fd9c45dad7c497d39b545a993ab8afd41cd04038

    SHA256

    dac288fcccfa143c563ce4250d350560986d34e416633c8f198fee7e5d9bd1c8

    SHA512

    b9aa74e28278b66df9a9862649468ef724f69c88c798664e32aedb7ab34ed89a749340515dc8cb3b8725f1c41f362745f6065e7e80568ce1dd1da44c6491d400

    Download Submit

  • memory/3308-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3308-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download