Overview

overview

7

Static

static

3

NEAS.01c1c...e0.exe

windows7-x64

7

NEAS.01c1c...e0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-11-2023 08:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.01c1c7629ab9292b8d94f2234e0ae2e0.exe

  • Size

    412KB

  • MD5

    01c1c7629ab9292b8d94f2234e0ae2e0

  • SHA1

    1d94d1c6075b95b205af443a70999a169a3c48ab

  • SHA256

    e079e589840046bcc2284be98721b210635c91224d5a1d36912818aaa36d1aab

  • SHA512

    843c9ecdeab2983025974cae59511201e677a8d884b79a81f1021c32e3dffdcca02b574104aef0148d46d8455cc15de7604c488b1b1acdeb39d3bf2e1eaba06b

  • SSDEEP

    6144:+yscee08WPZyY18CTgPKfdV+iihrr7wX6s60J1JnFKfz9WeOCA+:cBtPZb8PKlV+iar/wKsX1JnFKfz97F

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.01c1c7629ab9292b8d94f2234e0ae2e0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.01c1c7629ab9292b8d94f2234e0ae2e0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\aoi9105.tmp
    Filesize

    172KB

    MD5

    81e2ccb1b59d4671c4576c9c2f33181a

    SHA1

    5f1df9936b0902647887e4bbb90d7afce61f1f9c

    SHA256

    6142ecefd8af17b32eb05d7d09b0f53fe272d79e96e873efdb12528d76ff9d05

    SHA512

    820adbd28cdf39935f8f730fae5a7abd34449a79ae815d8d68b022867dca1751aa9c1532dcb78d35391f7257577f1fb1face537985c8a98341dc8fbd5ffe1718

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\aoi9105.tmp
    Filesize

    172KB

    MD5

    81e2ccb1b59d4671c4576c9c2f33181a

    SHA1

    5f1df9936b0902647887e4bbb90d7afce61f1f9c

    SHA256

    6142ecefd8af17b32eb05d7d09b0f53fe272d79e96e873efdb12528d76ff9d05

    SHA512

    820adbd28cdf39935f8f730fae5a7abd34449a79ae815d8d68b022867dca1751aa9c1532dcb78d35391f7257577f1fb1face537985c8a98341dc8fbd5ffe1718

    Download Submit

  • memory/4176-0-0x0000000001000000-0x0000000001043000-memory.dmp

    Filesize

    268KB

    Download

  • memory/4176-6-0x0000000000A50000-0x0000000000AC3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/4176-8-0x0000000000A50000-0x0000000000AC3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/4176-11-0x0000000000A50000-0x0000000000AC3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/4176-15-0x0000000001000000-0x0000000001043000-memory.dmp

    Filesize

    268KB

    Download

  • memory/4176-22-0x0000000000A50000-0x0000000000AC3000-memory.dmp

    Filesize

    460KB

    Download