Overview

overview

6

Static

static

3

NEAS.01f9e...70.exe

windows7-x64

6

NEAS.01f9e...70.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/11/2023, 04:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.01f9eabffae3a7315a52daa26f967170.exe

  • Size

    919KB

  • MD5

    01f9eabffae3a7315a52daa26f967170

  • SHA1

    66af445a818c6e0bd2768fbfcf7856024e584166

  • SHA256

    4f011764d5d1929b9d84397991855ac9e1db16b8d6ebc590127f6dc6b7b31ead

  • SHA512

    08056d273f4ad51caafa64bc8120458193e443a80f35a6d0f436ecb67ade5481266646b769bb5257207a24da604137966d7cbf8ab58ea34de69d8308623c3756

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1DzbB:Hha8iAx+1zwjmHd6vB/jO11zzss6TQt

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.01f9eabffae3a7315a52daa26f967170.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.01f9eabffae3a7315a52daa26f967170.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE
    Filesize

    928KB

    MD5

    adeea325c64e8030cd5441e28b17275f

    SHA1

    eda884d32c017fbf514887958163f79416c205a0

    SHA256

    6ac466959a36bea671eb3ff3e71d69237614d2f5cd7dfa183f0263f3057845a8

    SHA512

    78ea0b8a208d5c27f43fe69857fc316fe3408989fafb3a2495f65740821ceff50df4e9c24ff2bed0354014686c5b5fa466a82a5d12817287a67cf8c6a001d1a4

    Download Submit

  • memory/2392-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2392-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download