Overview

overview

8

Static

static

3

NEAS.e768f...60.exe

windows7-x64

8

NEAS.e768f...60.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    148s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/11/2023, 14:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.e768f13e4e3447622eb73096097b8360.exe

  • Size

    160KB

  • MD5

    e768f13e4e3447622eb73096097b8360

  • SHA1

    00399156f4d753bbd32c387091036e14f361a4cb

  • SHA256

    546b54b6edd55922cb3a5b3ef5f223c9732f2be246b38ab8e392ef547e3f5d5c

  • SHA512

    c05ab0dc21c33b494b1ecf5ed19bf5e6514b5c51ae093d73ce5fb15e06b9f45de598bf14e5ed06e1eeb16df6a20401142513cb62f217bc97613af62cc0951623

  • SSDEEP

    3072:wKGrkCJj+pXHaS/cOJs0/r83WwuXdXcDpIPs6:wKGap3ze0D83WVsK

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.e768f13e4e3447622eb73096097b8360.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.e768f13e4e3447622eb73096097b8360.exe"
    1⤵
    • Drops file in Program Files directory
    PID:5068
  • C:\PROGRA~3\Mozilla\gpypjxc.exe
    C:\PROGRA~3\Mozilla\gpypjxc.exe -tripsff
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3872

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\gpypjxc.exe
    Filesize

    160KB

    MD5

    dd55fb9a988c9ff2b55f71f2ed8296b1

    SHA1

    9b400920e48a13d6f7ffb834cddb39fd0e299dcc

    SHA256

    9063e4bb44dda38360cae5dd1b7de8dd59c4e03234382e107fc9af192c399f61

    SHA512

    04b67e9dce964334fb64bc07987ea82dff0bc082014accf8177f31c14acd0ed8828fd4696f9c3b05baa5aa6c84590fa27988d7002cf11f1c2c5dd3cf9b720b8c

    Download Submit

  • C:\ProgramData\Mozilla\gpypjxc.exe
    Filesize

    160KB

    MD5

    dd55fb9a988c9ff2b55f71f2ed8296b1

    SHA1

    9b400920e48a13d6f7ffb834cddb39fd0e299dcc

    SHA256

    9063e4bb44dda38360cae5dd1b7de8dd59c4e03234382e107fc9af192c399f61

    SHA512

    04b67e9dce964334fb64bc07987ea82dff0bc082014accf8177f31c14acd0ed8828fd4696f9c3b05baa5aa6c84590fa27988d7002cf11f1c2c5dd3cf9b720b8c

    Download Submit

  • memory/3872-10-0x0000000000400000-0x000000000042C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/3872-11-0x0000000000C90000-0x0000000000CEB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3872-17-0x0000000000400000-0x000000000042C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/5068-0-0x0000000000400000-0x000000000042C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/5068-1-0x0000000000430000-0x000000000048B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/5068-7-0x0000000000400000-0x000000000042C000-memory.dmp

    Filesize

    176KB

    Download