c686f0d296b920a1bea05cc1213e5a5b2c10eef479f44a7a8ba71b2c4f69ae0a

Analysis

max time kernel
29s
max time network
46s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
02/11/2023, 16:46

Target

NEAS.NEAS95018bf88c075ac14dd784889a0163b0exe.exe
Size

156KB
MD5

95018bf88c075ac14dd784889a0163b0
SHA1

58f2de57e1465a0dad00fdfc8485b83dda080fd1
SHA256

c686f0d296b920a1bea05cc1213e5a5b2c10eef479f44a7a8ba71b2c4f69ae0a
SHA512

39b1bfaebc95616d1cd02f162ec49434a2f20adac0848360a2713d0edef3c3a578426d65810466db07df3ab8dd3330518e779b318e075fe9d906c3c9e2d83046
SSDEEP

3072:WxA2Z9ed5OgrPWW4efRp2oCdWeiJtgUxohinuAtNJk6soIuv1BmLSo:WJ9ed5/ejeJpxCdstgUmZ6NR+uih

Score

7^/10

aspackv2

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
behavioral2/files/0x0007000000022e73-5.dat	aspack_v212_v242
behavioral2/files/0x0007000000022e73-6.dat	aspack_v212_v242

Executes dropped EXE 1 IoCs

pid	Process
1912	gpypjxc.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\PROGRA~3\Mozilla\gpypjxc.exe	NEAS.NEAS95018bf88c075ac14dd784889a0163b0exe.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.NEAS95018bf88c075ac14dd784889a0163b0exe.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.NEAS95018bf88c075ac14dd784889a0163b0exe.exe"
1⤵
- Drops file in Program Files directory
PID:4768

C:\PROGRA~3\Mozilla\gpypjxc.exe
C:\PROGRA~3\Mozilla\gpypjxc.exe -tripsff
1⤵
- Executes dropped EXE
PID:1912

C:\PROGRA~3\Mozilla\gpypjxc.exe

Filesize
156KB

MD5
725f8730e64eda048ae8d14323b9219b

SHA1
43a38a123ed989078d97c15d689f82878a365031

SHA256
6d4d44e6f6f839616bec9e1558fbd4cf8371b41536ec112a45a575e44bc63898

SHA512
42f1af58b7637a89957cf0473a41e09cdbacc12418f65aeccc6e3c33d4f784b96c528775bc8019a03304ee7561287bc53a9369763cd9c955b6c4b264241abe16

Download Submit
C:\ProgramData\Mozilla\gpypjxc.exe

Filesize
156KB

MD5
725f8730e64eda048ae8d14323b9219b

SHA1
43a38a123ed989078d97c15d689f82878a365031

SHA256
6d4d44e6f6f839616bec9e1558fbd4cf8371b41536ec112a45a575e44bc63898

SHA512
42f1af58b7637a89957cf0473a41e09cdbacc12418f65aeccc6e3c33d4f784b96c528775bc8019a03304ee7561287bc53a9369763cd9c955b6c4b264241abe16

Download Submit
memory/1912-10-0x0000000000400000-0x000000000045E000-memory.dmp

Filesize
376KB

Download
memory/4768-0-0x0000000000400000-0x000000000045E000-memory.dmp

Filesize
376KB

Download
memory/4768-1-0x0000000000400000-0x000000000045E000-memory.dmp

Filesize
376KB

Download
memory/4768-2-0x00000000020D0000-0x000000000212B000-memory.dmp

Filesize
364KB

Download
memory/4768-3-0x0000000000400000-0x000000000045B000-memory.dmp

Filesize
364KB

Download
memory/4768-8-0x0000000000400000-0x000000000045B000-memory.dmp

Filesize
364KB

Download
memory/4768-9-0x00000000020D0000-0x000000000212B000-memory.dmp

Filesize
364KB

Download