Overview

overview

3

Static

static

3

NEAS.0af53...70.dll

windows7-x64

1

NEAS.0af53...70.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    28/10/2023, 18:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.0af531a44b330a4949c536668d7e8770.dll

  • Size

    777KB

  • MD5

    0af531a44b330a4949c536668d7e8770

  • SHA1

    4a520eb0a55fa8daae5bc3e1bc951b59791c6ae9

  • SHA256

    8860cdb07acbe6e79690354a7ae29454eb54f90f25a17c00334ac5cf8c22ba7e

  • SHA512

    346d1c08166c195ce3ca8399ab74db096f77ad2050620cfd2048dd85f1fcb163ffb1586e3d764f6c32e2f39466009279f667808f9a9f4b93c81dc478a8cc6170

  • SSDEEP

    12288:K6ERFlMyJPrrtY2Tw9I2zcqCZNca52Tlayh4ZF1NDikJB8VEA4Mq5B:K6ERFzPrrrChIqCZNngT+Y9eA4MaB

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\NEAS.0af531a44b330a4949c536668d7e8770.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2340 -s 84
      2⤵
        PID:1212

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads