Overview

overview

7

Static

static

3

NEAS.47dbe...90.exe

windows7-x64

7

NEAS.47dbe...90.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    250s
  • max time network
    269s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/11/2023, 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.47dbe68e08bbbd1ca5f96a6dcb7f4c90.exe

  • Size

    2.5MB

  • MD5

    47dbe68e08bbbd1ca5f96a6dcb7f4c90

  • SHA1

    9683531ae508c1409e3da121dfb5104ada65266d

  • SHA256

    4295db68c3ddec22b343d1cb86b07e89795c5c2be96141c3581e0722f2bc9c2d

  • SHA512

    8669f875085fef47073429db0a9059e7c0fa5adbced0c30898f1051627f20e4b33c4b9d3b423ef57dcf68bee90982a7153184aebdab2cb51f748bda198755167

  • SSDEEP

    49152:DIKPQLY5oDI7Mp3sNlR3r914w7OUnbMGAWSy5T3dUpj:6I763sZ3r914jubMGAWS7pj

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 25 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.47dbe68e08bbbd1ca5f96a6dcb7f4c90.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.47dbe68e08bbbd1ca5f96a6dcb7f4c90.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\iext1.fnr.bbs.125.la
    Filesize

    544KB

    MD5

    7568384741228f507442fcbfd2ba4d0b

    SHA1

    e4aa3772f6022bad7f4d1936be60f7266086cc5e

    SHA256

    1a90ed1033b4efd63299b389af948cc209531ce29de204b24552de59251a8fdf

    SHA512

    f4a911b6b91a1162554dc43d038c369d85ae4eec7cdc7e0b5faca00f4f94862ae10414c4797300ac8d61904eb4afcc1126304de2e296291d4db4f79203d4fc1b

    Download Submit

  • memory/3084-5-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-6-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-7-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-8-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-10-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-12-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-14-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-16-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-18-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-20-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-22-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-24-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-27-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-29-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-31-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-33-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-35-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-37-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-39-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-41-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-43-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-46-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-48-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-50-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/3084-51-0x000000006F880000-0x000000006F890000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3084-52-0x000000006F880000-0x000000006F890000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3084-54-0x0000000010000000-0x000000001003F000-memory.dmp

    Filesize

    252KB

    Download