Overview

overview

8

Static

static

3

NEAS.59013...40.exe

windows7-x64

8

NEAS.59013...40.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    18s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/10/2023, 19:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.5901328d843b287f92ff785847d23f40.exe

  • Size

    155KB

  • MD5

    5901328d843b287f92ff785847d23f40

  • SHA1

    a6b22126a07a703009ee33fb2c56185e681acb91

  • SHA256

    cd4d42f77fe1861c511ae6e8ab8f25833eb800ea66ee7cb21dcb3ba261149cb6

  • SHA512

    3bfa5228c53d877bfa3638280f84c483bdadc86c556a3797b67f8f15f192a3bb48d074370532274bb86750eac17b33d3f22955cdd80222192c0a750a5424b985

  • SSDEEP

    3072:zoY0ALG7F60AM6r61ZNSaPK8bbuVSQJ0uOUR5Y7DFavjBooL:0Y0ALG7HAMt1ZEs+NJ0rMYXwe4

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.5901328d843b287f92ff785847d23f40.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.5901328d843b287f92ff785847d23f40.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3876
  • C:\PROGRA~3\Mozilla\ecxnjia.exe
    C:\PROGRA~3\Mozilla\ecxnjia.exe -goglxbn
    1⤵
    • Executes dropped EXE
    PID:2996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\ecxnjia.exe
    Filesize

    155KB

    MD5

    56167f19c716ba5bebce7cb0b9d476d3

    SHA1

    a6dc2364819bf36a77f1880068ce4ef82f62c2a2

    SHA256

    b1c99172f4756fae761ab017812896732157d04e8476a0ed63802309f04454f7

    SHA512

    d48f05c7750bfc20bd8cc55199052ef91fd3e7cb9e01cab3a5733e031d2da047177bfa17387cbfcd49b5820fcc773a291cf869f96db96387f854b56641172e47

    Download Submit

  • C:\ProgramData\Mozilla\ecxnjia.exe
    Filesize

    155KB

    MD5

    56167f19c716ba5bebce7cb0b9d476d3

    SHA1

    a6dc2364819bf36a77f1880068ce4ef82f62c2a2

    SHA256

    b1c99172f4756fae761ab017812896732157d04e8476a0ed63802309f04454f7

    SHA512

    d48f05c7750bfc20bd8cc55199052ef91fd3e7cb9e01cab3a5733e031d2da047177bfa17387cbfcd49b5820fcc773a291cf869f96db96387f854b56641172e47

    Download Submit

  • memory/2996-10-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3876-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3876-1-0x0000000000680000-0x00000000006DB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3876-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download