Overview

overview

7

Static

static

3

NEAS.32d9e...JC.exe

windows7-x64

7

NEAS.32d9e...JC.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/10/2023, 22:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.32d9e0f6d4a731409ffb50787a4a0ac0_JC.exe

  • Size

    60KB

  • MD5

    32d9e0f6d4a731409ffb50787a4a0ac0

  • SHA1

    266f1fedbf61bad51c831656b569a8b59bf8ead4

  • SHA256

    179e70bf9721179f72e60d3798c51babb799eeec5ffcfd08645532be810af188

  • SHA512

    16821315d9975cf8ea30fa51e660749c5dab0392a869397829a2a12bbf7bc9bf2257ecb8d6e31b0a7ecce76a0e768cb33c40bd60b7d31965b67b3989c0649247

  • SSDEEP

    768:3i/My0p89+zxEbjakT725yBFkQF3CXnf5+NODzu1QW1N41wMr9uygSCyslOgv07v:7zK9P3EA6cyXfBuyWcr9JgS2Ogs76ZQ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Enumerates system info in registry 2 TTPs 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.32d9e0f6d4a731409ffb50787a4a0ac0_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.32d9e0f6d4a731409ffb50787a4a0ac0_JC.exe"
    1⤵
    • Enumerates system info in registry
    PID:1824
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1824 -s 372
      2⤵
      • Program crash
      PID:2076
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 1824 -ip 1824
    1⤵
      PID:1856

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1824-0-0x0000000000400000-0x0000000000419000-memory.dmp

            Filesize

            100KB

            Download

          • memory/1824-1-0x0000000000400000-0x0000000000419000-memory.dmp

            Filesize

            100KB

            Download