Overview

overview

8

Static

static

3

NEAS.2f8d2...80.exe

windows7-x64

8

NEAS.2f8d2...80.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    144s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/10/2023, 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2f8d2180bc8636101ca5754310731080.exe

  • Size

    144KB

  • MD5

    2f8d2180bc8636101ca5754310731080

  • SHA1

    b93b1620febf631f9dd7f3dc113e7690e69d9feb

  • SHA256

    4d6e23223e3d95a28d8cf624450c0514b63d57fbf14b62a8bfbd08d81aa84f54

  • SHA512

    ff5e869bfca92424c0fd244d3488b5cd14dcce357e3ff2af2d6bb1242b48877b7e3979814424d154593de24c2c57a9f9dafa9ae9a10e983538d2efbe42bbb683

  • SSDEEP

    3072:9QwtBcEiZztKydjXbyDwFQhoAawGvV2OtzaA+H1gUqNGEgUBG83HZ:9Qwt6EUzMo2po3wGvVevH1gjDgO

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2f8d2180bc8636101ca5754310731080.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2f8d2180bc8636101ca5754310731080.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3932
  • C:\PROGRA~3\Mozilla\yqzqgud.exe
    C:\PROGRA~3\Mozilla\yqzqgud.exe -ikphvdj
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\yqzqgud.exe
    Filesize

    144KB

    MD5

    24ff73a7474f43ee0546e37aedbf362c

    SHA1

    7eb57962daad7f503e1b784598d334bd123faea5

    SHA256

    a184d4f57ba3924abccd9ec7c51fd09cf7ef9efab4b149212243eea9adeda3e3

    SHA512

    dfa08b56b9a035ac042c848176dfab30acb2bbbcb7743f13b0782f63341dff9ca0470669abca14ebc8086a3dd6ec59b13e04525f3d8c1cd6e427bc92948b992d

    Download Submit

  • C:\ProgramData\Mozilla\yqzqgud.exe
    Filesize

    144KB

    MD5

    24ff73a7474f43ee0546e37aedbf362c

    SHA1

    7eb57962daad7f503e1b784598d334bd123faea5

    SHA256

    a184d4f57ba3924abccd9ec7c51fd09cf7ef9efab4b149212243eea9adeda3e3

    SHA512

    dfa08b56b9a035ac042c848176dfab30acb2bbbcb7743f13b0782f63341dff9ca0470669abca14ebc8086a3dd6ec59b13e04525f3d8c1cd6e427bc92948b992d

    Download Submit

  • memory/3708-13-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3708-12-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3708-14-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3708-18-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3932-1-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3932-2-0x0000000000580000-0x0000000000581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3932-0-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3932-3-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3932-7-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download

  • memory/3932-11-0x0000000000400000-0x0000000000461000-memory.dmp

    Filesize

    388KB

    Download