Analysis
-
max time kernel
139s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20231023-en -
resource tags
arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system -
submitted
01/11/2023, 13:55
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
NEAS.279d6f058418eaba533306e892ce21e0.exe
Resource
win7-20231020-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
NEAS.279d6f058418eaba533306e892ce21e0.exe
Resource
win10v2004-20231023-en
1 signatures
150 seconds
General
-
Target
NEAS.279d6f058418eaba533306e892ce21e0.exe
-
Size
272KB
-
MD5
279d6f058418eaba533306e892ce21e0
-
SHA1
adfa58734ac970cf6817b5f62cb4095eb14ab199
-
SHA256
ecc09adc90681a8b98386c0d3433572ce768841ac2a10b2ed49ddc38de18b368
-
SHA512
0479b8d483068e5b017f57c60bcd68792d7bad0ee8ac83b9dc222a42eae7f4d7151a142bad64dd2998c02dce583811ac12b92893775cc1c7c167a0b119261523
-
SSDEEP
3072:aFKO/+AN30XttofAEYw8asCHNhMXi6Y0HYSx:aFa20gIEY2xUS6U
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 516 5012 WerFault.exe 83
Processes
-
C:\Users\Admin\AppData\Local\Temp\NEAS.279d6f058418eaba533306e892ce21e0.exe"C:\Users\Admin\AppData\Local\Temp\NEAS.279d6f058418eaba533306e892ce21e0.exe"1⤵PID:5012
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5012 -s 2322⤵
- Program crash
PID:516
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 5012 -ip 50121⤵PID:4024