Overview

overview

8

Static

static

3

NEAS.338ea...d0.exe

windows7-x64

8

NEAS.338ea...d0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    18s
  • max time network
    22s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/11/2023, 08:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.338ea3abcd760c605a5755d49322cad0.exe

  • Size

    134KB

  • MD5

    338ea3abcd760c605a5755d49322cad0

  • SHA1

    20ebf31d149f5ef4700687baf42d619cc5b5fae1

  • SHA256

    08a577f2736fab5156d8c01dcdaa1d2d664edb1c9d3f50f8f203cb1b85560dd5

  • SHA512

    c2e7291c2e386758bf69ae670fd1d415e6e165f029adb6bb56ff906ae67a06e18a545f6bd0ef662582e1a2bdb0278a444661a83cc672937222ed422bd1b1318f

  • SSDEEP

    3072:jcjzzvzm/Z7Uy1tVkBiyyUzGBk9VeFS43tqPJpPso:Ua/ZT/UKBk749Cv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.338ea3abcd760c605a5755d49322cad0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.338ea3abcd760c605a5755d49322cad0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2900
  • C:\PROGRA~3\Mozilla\yqzqgud.exe
    C:\PROGRA~3\Mozilla\yqzqgud.exe -ikphvdj
    1⤵
    • Executes dropped EXE
    PID:2964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\yqzqgud.exe
    Filesize

    134KB

    MD5

    492b911e05e547035a9681845671b2fe

    SHA1

    6dc388d24312f43c2af41d6288bd49e70810d421

    SHA256

    73b0fbec65e07d243fd6d6b46ab38da2a6b6e0b0ea4429d5bc6817999dbdf3b2

    SHA512

    c3a1807cc57a980a057141b823d8958cbf745955a175ab60e8ec5e8b399f3a624469bae7b09b4e859448b7a35494d1c21804d7637c4a3dc0a01e9b6c325659b1

    Download Submit

  • C:\ProgramData\Mozilla\yqzqgud.exe
    Filesize

    134KB

    MD5

    492b911e05e547035a9681845671b2fe

    SHA1

    6dc388d24312f43c2af41d6288bd49e70810d421

    SHA256

    73b0fbec65e07d243fd6d6b46ab38da2a6b6e0b0ea4429d5bc6817999dbdf3b2

    SHA512

    c3a1807cc57a980a057141b823d8958cbf745955a175ab60e8ec5e8b399f3a624469bae7b09b4e859448b7a35494d1c21804d7637c4a3dc0a01e9b6c325659b1

    Download Submit

  • memory/2900-0-0x0000000000400000-0x0000000000465000-memory.dmp

    Filesize

    404KB

    Download

  • memory/2900-1-0x0000000000400000-0x0000000000465000-memory.dmp

    Filesize

    404KB

    Download

  • memory/2900-2-0x0000000000720000-0x0000000000721000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2900-3-0x0000000000400000-0x0000000000465000-memory.dmp

    Filesize

    404KB

    Download

  • memory/2900-8-0x0000000000400000-0x0000000000465000-memory.dmp

    Filesize

    404KB

    Download

  • memory/2964-10-0x0000000000400000-0x0000000000465000-memory.dmp

    Filesize

    404KB

    Download