Analysis

  • max time kernel
    121s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/11/2023, 19:13

General

  • Target

    NEAS.13635ca6ac3e3ad758865e071f932710.exe

  • Size

    811KB

  • MD5

    13635ca6ac3e3ad758865e071f932710

  • SHA1

    ee1ec6ef1dd3f6ea9f5b96a6d90b12b8b5de29df

  • SHA256

    40ca8c4383a78b0e1be6e0e80aea635d8e5fbc69b5da7d6573dc7c6d00c65d33

  • SHA512

    8be6e19c02c78b6835fd6ca496bb2570647aeed524e2d0a65802726c3dad93230c502d8ab891ac0c5ad7c3bc5353b8a1dd9cbb84ff35ddc442e753e8332a9a9b

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a10:Hha8iAx+1zwjJHd6vB/ANMfwwfmvSW

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.13635ca6ac3e3ad758865e071f932710.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.13635ca6ac3e3ad758865e071f932710.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2716

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    821KB

    MD5

    d6320f8f2ee527bed6c99b4675356d42

    SHA1

    289d00f19e416430b3856fac8eb7e80ade5e8485

    SHA256

    cd30b5b46778be1fa7ccbe5e5c1a7659b3e44705a7bc4b8496ae7dfd353a077d

    SHA512

    01d3a1bec10bdb6300ab54a966dd6eba9e491c98f718f31ad35ef7255d211625e4254d57f6ebcd189de80b7627dc7937b24b493f4ad61f741f80129928266cda

  • memory/2716-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/2716-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB