Overview

overview

7

Static

static

3

NEAS.1532d...50.exe

windows7-x64

7

NEAS.1532d...50.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    01-11-2023 00:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe

  • Size

    316KB

  • MD5

    1532de5c0f9f96dce7b6b5a5f8fcc150

  • SHA1

    9ebd6aa3907e0e9879690764e5d841ae4aab1d18

  • SHA256

    85dd4725a0317a3a500b6bc4a7344c04403236206e024459aeee90d4cdd48083

  • SHA512

    a774abb3b93a82df9addcabc4e00686128ff20340298e19f38a2e1ee8942a889ca56c210cde546cea201dbf90829453b475ab343e8400a8a20780abffbd232e0

  • SSDEEP

    6144:dnMfIq+XLROUxHXGmUReIyZyCcgHuVzOaO+tZGb:dMgZXNOUBXXRTOAz+Gb

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2108
    • C:\Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe.back
      "C:\Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe.back"
      2⤵
      • Executes dropped EXE
      PID:2092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe.back
    Filesize

    316KB

    MD5

    2a1bb75f35b3b498d96a62d7feae60e7

    SHA1

    a9487e106c41a907a42adcff752097ad1798fd23

    SHA256

    5d28aba47331ce4b03687acc49e564722ebd11e50777b03b35ceab6dba87cc66

    SHA512

    faef7374317e1b151bfb019250ccafa5a38cd161f41dad41f5a2dc7b492e92df891a1751e2fa2f81b390416f6eb74e4b949c073c60f887ebc2adee3b427b70c9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\NEAS.1532de5c0f9f96dce7b6b5a5f8fcc150.exe.back
    Filesize

    316KB

    MD5

    2a1bb75f35b3b498d96a62d7feae60e7

    SHA1

    a9487e106c41a907a42adcff752097ad1798fd23

    SHA256

    5d28aba47331ce4b03687acc49e564722ebd11e50777b03b35ceab6dba87cc66

    SHA512

    faef7374317e1b151bfb019250ccafa5a38cd161f41dad41f5a2dc7b492e92df891a1751e2fa2f81b390416f6eb74e4b949c073c60f887ebc2adee3b427b70c9

    Download Submit