Overview

overview

7

Static

static

3

NEAS.a3bfb...a0.exe

windows7-x64

7

NEAS.a3bfb...a0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    02-11-2023 16:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe

  • Size

    316KB

  • MD5

    a3bfb1b6610d2556cd79a846688deaa0

  • SHA1

    9658f4e2d75dd0f1f9a2b49cef02ae141b609035

  • SHA256

    7c68ca16235518d35547d82bbaaaee9db3586427dd17d2116c401ffb58549aae

  • SHA512

    c05e69d84f7d05773e3941163b2d63801e314c43b5da1181b4fa71d30b9d0e13c59683cee0a44473e1d793c9416571edba935ee9b18b971dc363404d3bad1c73

  • SSDEEP

    6144:dnMfIq+XLROUxHXGmUReIyZyCcgHuVzOaO+tZGr:dMgZXNOUBXXRTOAz+Gr

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe.back
      "C:\Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe.back"
      2⤵
      • Executes dropped EXE
      PID:2212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe.back
    Filesize

    316KB

    MD5

    ba5a28809574d786b72803447e7c80b0

    SHA1

    aa035a1ef3e0da981d4c1c25a30b0be57afc41e0

    SHA256

    7bdc4e7a095724d3a6118905efec59e2dffaf45f7502ccad01e5bc24e65dd5d6

    SHA512

    e1962ff3f3ad9bbaf8a7ac10612241e7b3231bd650892fb6557d2be7c4a71e7db9452ee1fa0c6b06ebd9a708ae8f00d95bfb2b0f6dea5040113665241a69cf73

    Download Submit

  • \Users\Admin\AppData\Local\Temp\NEAS.a3bfb1b6610d2556cd79a846688deaa0.exe.back
    Filesize

    316KB

    MD5

    ba5a28809574d786b72803447e7c80b0

    SHA1

    aa035a1ef3e0da981d4c1c25a30b0be57afc41e0

    SHA256

    7bdc4e7a095724d3a6118905efec59e2dffaf45f7502ccad01e5bc24e65dd5d6

    SHA512

    e1962ff3f3ad9bbaf8a7ac10612241e7b3231bd650892fb6557d2be7c4a71e7db9452ee1fa0c6b06ebd9a708ae8f00d95bfb2b0f6dea5040113665241a69cf73

    Download Submit