Overview

overview

10

Static

static

3

NEAS.041cb...f0.exe

windows7-x64

10

NEAS.041cb...f0.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/11/2023, 07:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.041cbfb39dcfb527d3651aecaea4bff0.exe

  • Size

    1023KB

  • MD5

    041cbfb39dcfb527d3651aecaea4bff0

  • SHA1

    22169dc16a4880a61ea0ac4881a453ee0ad831c5

  • SHA256

    22ab4c87cd7c6aa7a8919558ea0da97c33815e4a755fb7639a360c8a49813856

  • SHA512

    9b66c6c24c42ffea8b10035f4743cd8b7263f012b30fa8c77ae00d9e5fe226335bb1228c12b4caa01d454722a898aca8a88579fda312650a19a5dfdbf4532186

  • SSDEEP

    24576:91blW9sLBIvEWgGPVHL8ZZf3o6XXIuCGdXipeQggZj3H:9ytVg8HL8ZBpzopgUH

Score
10/10
persistence

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 18 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.041cbfb39dcfb527d3651aecaea4bff0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.041cbfb39dcfb527d3651aecaea4bff0.exe"
    1⤵
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    PID:1924

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\xdccPrograms\7z.exe
          Filesize

          1.0MB

          MD5

          c13d9700c8784fd204189a11e6095793

          SHA1

          d3f6533706d9ae2c0f98585a979e94faad7c3eff

          SHA256

          1fff0759c83ce69fc28e81d3b1df20c09e3cd856c7f40e523a4b070e9d5a0161

          SHA512

          5cb66ba17fdf0e47eca22c3d3cc7a7b6409e1b354bb6e837c17d4d363af7a72f8117c0deb32274a7a801f346b0e762dee9d99b95ef796276ce9f25e2914d818d

          Download Submit

        • memory/1924-17-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-20-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-21-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-22-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-23-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-24-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-25-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-26-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-27-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-28-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-29-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-30-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-31-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download

        • memory/1924-32-0x0000000000400000-0x0000000000416000-memory.dmp

          Filesize

          88KB

          Download