Overview

overview

8

Static

static

3

NEAS.72655...b0.exe

windows7-x64

8

NEAS.72655...b0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    131s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/11/2023, 14:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.72655506a9cad5fa51015f8bdf9a2eb0.exe

  • Size

    167KB

  • MD5

    72655506a9cad5fa51015f8bdf9a2eb0

  • SHA1

    3678ffd25b575fd1071dffa1c8ff59f80ff85046

  • SHA256

    64f3c3a340332568fa10f0a0be7ac69d87076fa4217387476b8f633a867eeed7

  • SHA512

    478e6d5492f1afd244dd6cf7a156c386248f5ad12f326f4b2f73ecddab0c34bcbba5087b56ff92cd0723359db1d533d35e8228524d40b6817647a24093f3683f

  • SSDEEP

    3072:bXtxGT2G7Sj8GomX5VltS2gS1l8BhhGxbek1hAnwbGEUPIWmHbo4qeAt:rnh8GomJVl82gglkGxb1taPIrHU4qeq

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.72655506a9cad5fa51015f8bdf9a2eb0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.72655506a9cad5fa51015f8bdf9a2eb0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3304
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:2204

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize

    167KB

    MD5

    b35c9cbd069bec8b2d4252170f673040

    SHA1

    00e160e3469798f94a9e3408504343736de97b3c

    SHA256

    1141afa06624b00cc623d8c5d6639d18173bbf886e1ec806d95909ab8535c62c

    SHA512

    f0d78f3ece955b0becd977f635e8f8ef8ad7bc078b0448c63ea85cd0690cfd5dd87389b2753594acf376f2d7edf6857c63b7732e941fd0ca546cf1a775b176c1

    Download Submit

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize

    167KB

    MD5

    b35c9cbd069bec8b2d4252170f673040

    SHA1

    00e160e3469798f94a9e3408504343736de97b3c

    SHA256

    1141afa06624b00cc623d8c5d6639d18173bbf886e1ec806d95909ab8535c62c

    SHA512

    f0d78f3ece955b0becd977f635e8f8ef8ad7bc078b0448c63ea85cd0690cfd5dd87389b2753594acf376f2d7edf6857c63b7732e941fd0ca546cf1a775b176c1

    Download Submit

  • memory/2204-13-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2204-14-0x0000000000580000-0x00000000005DB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2204-19-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3304-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3304-1-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3304-2-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3304-3-0x00000000021A0000-0x00000000021FB000-memory.dmp

    Filesize

    364KB

    Download