Overview

overview

7

Static

static

3

NEAS.0747b...b0.exe

windows7-x64

7

NEAS.0747b...b0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2023 18:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.0747b6c0d4e6b8c4b382a1f68e78a9b0.exe

  • Size

    45KB

  • MD5

    0747b6c0d4e6b8c4b382a1f68e78a9b0

  • SHA1

    9e67d3567a0a4ebbaa6d5335bd668df30aa5185c

  • SHA256

    60771482e348f54dbc02d1332655f908f984d51112bb3783433f27b6bbbbfbb1

  • SHA512

    1f5148de1bee17ca103f21540fe4864e30a58358b5923a2001ab4a86b59e2ff39a702edc42830bf543019b20996553e0a3f9c151e7bc2e7e00e6270c35d91b21

  • SSDEEP

    768:gJKlMVRFoTXti8MdiQwiZTCnTrbcjxS50ZD3Qk29saAvuHqTppHaUio1W3:KfV8TMliQwA+fAw5sDY7I4qlFiMs

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 5 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.0747b6c0d4e6b8c4b382a1f68e78a9b0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.0747b6c0d4e6b8c4b382a1f68e78a9b0.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\Common Files\Microsoft Shared\MSInfo\qqdsq2.lmz
    Filesize

    27KB

    MD5

    6a9167a6b34e99259636fe9b230b7d0c

    SHA1

    ac511bcf1ecc7496fce08c4e02abdd7e178823bb

    SHA256

    055280c560313886dd194e6e16807399bd8e909da4aef9cc1065bb5be6dd554b

    SHA512

    b9b7563cd4f1121cb1763f15c4fa248ccedc47628e430f4055e30036e34ead9073dea7ad82705ef9fdfa03b6dd4a5aed38a9039767aec2412575c1576b39fc40

    Download Submit

  • memory/1736-5-0x0000000000220000-0x0000000000237000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1736-7-0x0000000000400000-0x0000000000422000-memory.dmp

    Filesize

    136KB

    Download

  • memory/1736-8-0x0000000000220000-0x0000000000237000-memory.dmp

    Filesize

    92KB

    Download