Overview

overview

8

Static

static

3

NEAS.004b5...JC.exe

windows7-x64

8

NEAS.004b5...JC.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    138s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/10/2023, 20:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.004b5274dc3a440a9dac3c52a0f30910_JC.exe

  • Size

    232KB

  • MD5

    004b5274dc3a440a9dac3c52a0f30910

  • SHA1

    445485ca8aa666f83ab0e3fcca1125e56b05b711

  • SHA256

    7fcbb56b0f02469121164331d82674467d14cf7b5cccb945d73554ed01154287

  • SHA512

    cead1f3a4e226c024ded948b2ed136e7e691ccefa31cf54abfb65e17b95f6e1ab4af3b70fd90e1717c1c8ae60e24fd1cdc08f9217fa94d504dbcc2845e29b5ff

  • SSDEEP

    3072:fs5jAp7XSXDHAGjTmwoI+2Msl1gwW/ZJK7bJ1A50MW5UtU88q/S2jbxWGqJsS:fsapAL/jTroImi1ArWOtU8J/SbGqJN

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.004b5274dc3a440a9dac3c52a0f30910_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.004b5274dc3a440a9dac3c52a0f30910_JC.exe"
    1⤵
    • Drops file in Program Files directory
    PID:5100
  • C:\PROGRA~3\Mozilla\giuchbl.exe
    C:\PROGRA~3\Mozilla\giuchbl.exe -tvuydyl
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3456

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\giuchbl.exe
          Filesize

          232KB

          MD5

          68859f1d35fcf87f1f7d79f46d62ca64

          SHA1

          b552c6fabc346c18af8216a7fe6d9999a0c1f617

          SHA256

          8db155783e2d783d4ff9a3347ce1b3e816824f4286161c781a71933b82f02e01

          SHA512

          4c072f9d418c454043c6865a6dcb38a2051c2a3cb9493b3d4da47ec608c1db347cb313d731ec3bb9d2df4d5a92a25723f99078ed87d5e60d9a3bc74811a12b68

          Download Submit

        • C:\ProgramData\Mozilla\giuchbl.exe
          Filesize

          232KB

          MD5

          68859f1d35fcf87f1f7d79f46d62ca64

          SHA1

          b552c6fabc346c18af8216a7fe6d9999a0c1f617

          SHA256

          8db155783e2d783d4ff9a3347ce1b3e816824f4286161c781a71933b82f02e01

          SHA512

          4c072f9d418c454043c6865a6dcb38a2051c2a3cb9493b3d4da47ec608c1db347cb313d731ec3bb9d2df4d5a92a25723f99078ed87d5e60d9a3bc74811a12b68

          Download Submit

        • memory/3456-9-0x0000000000D60000-0x0000000000DBC000-memory.dmp

          Filesize

          368KB

          Download

        • memory/3456-10-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/3456-12-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/3456-14-0x0000000000D60000-0x0000000000DBC000-memory.dmp

          Filesize

          368KB

          Download

        • memory/5100-0-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5100-1-0x00000000021F0000-0x000000000224C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/5100-2-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5100-6-0x0000000000400000-0x000000000045B000-memory.dmp

          Filesize

          364KB

          Download

        • memory/5100-8-0x00000000021F0000-0x000000000224C000-memory.dmp

          Filesize

          368KB

          Download