Overview

overview

8

Static

static

3

NEAS.72481...JC.exe

windows7-x64

8

NEAS.72481...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    13s
  • max time network
    20s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-11-2023 23:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.72481fd53a5282fb1f0ff737ad749610_JC.exe

  • Size

    327KB

  • MD5

    72481fd53a5282fb1f0ff737ad749610

  • SHA1

    38d903a3db603fa5f6daa08f01ff3f349df569d5

  • SHA256

    10810b7f02a353b96a1e5a56de9c2ec66b736de8a8042eac3adf08fd57034544

  • SHA512

    b08149161a3202a510b5583591a9137838376b93ed33928b79cff77a5faae5756670cf5ed4a42a20a66c5224f1a6892140da5df4d66edd24fd08d3ad46b864ac

  • SSDEEP

    3072:xANA6IMfSLilGMXEVP79SE8pve/RysNPDuIvT4FBDv1KS2jbxWGqJsh:WiMF/X479SEAanPSIv0FB5KSbGqJO

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.72481fd53a5282fb1f0ff737ad749610_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.72481fd53a5282fb1f0ff737ad749610_JC.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4272
  • C:\PROGRA~3\Mozilla\giuchbl.exe
    C:\PROGRA~3\Mozilla\giuchbl.exe -tvuydyl
    1⤵
    • Executes dropped EXE
    PID:2636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\giuchbl.exe
    Filesize

    327KB

    MD5

    b51b7a87f9cd63e07093c14299bcdeae

    SHA1

    6f005c1023faad444e582ace625300dd4e7dbeed

    SHA256

    4962af7af6adeff8067c6063d5255f7488ed87462495978c071df033a148de6e

    SHA512

    37ca44cfdf2aea7be964d3ef63038792d7466db18e37240b826872672cfa38e6cd59d0e19bb6f525890d3bebf3458b8516ef622258511de33597bb7a4f93a173

    Download Submit

  • C:\ProgramData\Mozilla\giuchbl.exe
    Filesize

    327KB

    MD5

    b51b7a87f9cd63e07093c14299bcdeae

    SHA1

    6f005c1023faad444e582ace625300dd4e7dbeed

    SHA256

    4962af7af6adeff8067c6063d5255f7488ed87462495978c071df033a148de6e

    SHA512

    37ca44cfdf2aea7be964d3ef63038792d7466db18e37240b826872672cfa38e6cd59d0e19bb6f525890d3bebf3458b8516ef622258511de33597bb7a4f93a173

    Download Submit

  • memory/2636-11-0x0000000000D90000-0x0000000000DEC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/4272-0-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/4272-1-0x00000000021E0000-0x000000000223C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/4272-2-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4272-3-0x0000000000400000-0x0000000000469000-memory.dmp

    Filesize

    420KB

    Download

  • memory/4272-8-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4272-10-0x00000000021E0000-0x000000000223C000-memory.dmp

    Filesize

    368KB

    Download