Analysis

  • max time kernel
    144s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231023-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/11/2023, 13:52

General

  • Target

    NEAS.09d0f6ba33fecc11b45bdfa9501d0910.exe

  • Size

    821KB

  • MD5

    09d0f6ba33fecc11b45bdfa9501d0910

  • SHA1

    2d3e3f5d7e0e92b86d39b64ac84d67ead185a39f

  • SHA256

    09bc14a16de7005762333e9b4f140bde009c8fc123d04378aede9a9ea93b5b5d

  • SHA512

    deb9f13c9943dc1dc7aaa282545edb225f812d0787ac29b575788adaec5c2ebb29ca736c96fa1f6dd46837f4ea8d286d89e3a7b52335b354f3cd77623dfcc9b7

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a12:Hha8iAx+1zwjJHd6vB/ANMfCW

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.09d0f6ba33fecc11b45bdfa9501d0910.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.09d0f6ba33fecc11b45bdfa9501d0910.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:5116

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    831KB

    MD5

    f2ec85d90e777fdc5bc317b3a5040b65

    SHA1

    384c89df0222c132533f436ba7eda3679897cfac

    SHA256

    3a9870628694303648da780dfcc6b7b7a5fdea0b684f3814ef2c444ae020c80b

    SHA512

    fc6cfe6625a7e40dbbaed63ec9320fc93d604315c5f120cbaa5255e785eaf8d5abb993ca00bc6445090d5ac0f86d982d906d4ac1011eff4eb65788c9f27ee99a

  • memory/5116-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/5116-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB