Overview

overview

3

Static

static

3

NEAS.827c4...d0.exe

windows7-x64

1

NEAS.827c4...d0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-11-2023 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.827c45dd1163a17bca6373d78c299ad0.exe

  • Size

    188KB

  • MD5

    827c45dd1163a17bca6373d78c299ad0

  • SHA1

    5214e1c59a01c87d111798a06fcb30862ced36c3

  • SHA256

    75fb4da135b088ed5d422716c30c2aa5188b4a5d4f0d277f2a3acaf154043b5d

  • SHA512

    8ff79cd214b69b89952600bdb2c3376c8275ad6f511377bff82ac0599e01660653e506a013710590036b4c3931359b038398afea9d9affb1dbda1da1cd893061

  • SSDEEP

    3072:m6URshEWHytHP634Lxzfzcb4i+52kNzldD8UcjbpS3yJ53:maytHPlLxzfzcb4i+5VNzldD8UcN8yJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.827c45dd1163a17bca6373d78c299ad0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.827c45dd1163a17bca6373d78c299ad0.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4496-0-0x00007FFEB4DC0000-0x00007FFEB5761000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4496-1-0x00007FFEB4DC0000-0x00007FFEB5761000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4496-5-0x0000000001730000-0x0000000001740000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4496-6-0x00007FFEB4DC0000-0x00007FFEB5761000-memory.dmp

    Filesize

    9.6MB

    Download