Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231020-en locale:en-us os:windows7-x64 system
  • submitted
    03-11-2023 05:52

General

  • Target

    NEAS.409d706e75b357d171c229fffc772ed0_JC.exe

  • Size

    831KB

  • MD5

    409d706e75b357d171c229fffc772ed0

  • SHA1

    090f8cb4cff943a31df8e11fd3f074cdaf173a78

  • SHA256

    df5bf342a502dab9865bfdc223f75c2a5bd9ba8ce478ea5b1d73d52eac8bb0c2

  • SHA512

    43fa2693b02c70c0d07ff027f4b82ccdf75bf9c6f8d486f60e9f4a8263ebbf9fc2953268fb537918d619ea5e79d05ed7e3d0922266006a1d1c00497c25b0ef5e

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1J:Hha8iAx+1zwjJHd6vB/ANMBIXw

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.409d706e75b357d171c229fffc772ed0_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.409d706e75b357d171c229fffc772ed0_JC.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2492

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    841KB

    MD5

    e4101ca2a759a4717c68fb39c024eda3

    SHA1

    1ff2848eae1f978b68929e6035605e451ca01a2b

    SHA256

    a2b84e80b7d456ef7079e78028ffd99d4020445e6a7d5634d3f282991bdfb573

    SHA512

    117dd8231150052d3a99bfd052f66aeeb31f4cdd2db153751c0e6f9f7c392bd102eaee981ccb24cac0273a6db16c45a159d3216c4e19ec4cbbc527330ee0afa7

  • memory/2492-6-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB