Overview

overview

8

Static

static

3

NEAS.NEAS8...xe.exe

windows7-x64

8

NEAS.NEAS8...xe.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    125s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/11/2023, 16:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.NEAS81427b12b3f8dae3b7e96c12251d2a70exe.exe

  • Size

    134KB

  • MD5

    81427b12b3f8dae3b7e96c12251d2a70

  • SHA1

    9f92c14dbbd8fb767a6f70493915a46020cc1691

  • SHA256

    a420c3f6dcf1f87cf33d2e9bc1242c27d1a0e635c13e8f8708622e7aebf543e4

  • SHA512

    41a433615d85a670764173781ba32c2b862ae462f047335a029e6d40775ee7c9f81b15fcb0abad6a31e62eb6a1300e86e942a8e9bb0a41c91dcc59c7523e9f31

  • SSDEEP

    1536:NH5wZhGZmhunyQfnh7/NmuHSu6xx/4xBgnQT1dZXDo9dNc/ymiS0TX5D5qB0FMXU:pQsrhhx9yuk/47ZzomBm5D5LMXqNh

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.NEAS81427b12b3f8dae3b7e96c12251d2a70exe.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.NEAS81427b12b3f8dae3b7e96c12251d2a70exe.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3624
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize

    134KB

    MD5

    496bde4839854fa83f415618b7f0a589

    SHA1

    372f502299b8376beb8c26580ca0f1d16eea4fd6

    SHA256

    69605099c18e7cbf91296817c830231d1cfb354a1231e8bcdff8b2ad9517abdd

    SHA512

    511d9e6710efb4568620c17c37e18e159bf1b2edb99869b4e82ab846c768d1347f562bfba077081f494289eb3ad4a91ec8f62960981516618bd61e123ab7df99

    Download Submit

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize

    134KB

    MD5

    496bde4839854fa83f415618b7f0a589

    SHA1

    372f502299b8376beb8c26580ca0f1d16eea4fd6

    SHA256

    69605099c18e7cbf91296817c830231d1cfb354a1231e8bcdff8b2ad9517abdd

    SHA512

    511d9e6710efb4568620c17c37e18e159bf1b2edb99869b4e82ab846c768d1347f562bfba077081f494289eb3ad4a91ec8f62960981516618bd61e123ab7df99

    Download Submit

  • memory/2244-12-0x00000000005E0000-0x000000000063B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/2244-17-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download

  • memory/3624-0-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download

  • memory/3624-1-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download

  • memory/3624-2-0x00000000021D0000-0x000000000222B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3624-7-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download