General

  • Target

    NEAS.6c116796940cff6cc49e8726a4399900.exe

  • Size

    41KB

  • Sample

    231101-rhfkpsee67

  • MD5

    6c116796940cff6cc49e8726a4399900

  • SHA1

    07811099d9460eb773c633deca208f4156cbf946

  • SHA256

    cd80bceaa136b8e65c69382a3362f9a4798c24237010a1b4d04ba984d769367b

  • SHA512

    17d10e768eaced483b5118613c6e7924d6539e20f5cfeef3d90c42d5b8b4ed2e49bfbf795f1c8e83c2e86e66912683fa4dd83c02ba06495f7125a8bcc49de1db

  • SSDEEP

    768:s+pWrOOfbMUI4ybFrcUtxLKxouHd5slovvlLuzTUy:s+pWrvI+UFrjxWxo45slovte7

Score
7/10

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
