Overview

overview

8

Static

static

3

NEAS.f2c31...JC.exe

windows7-x64

8

NEAS.f2c31...JC.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-11-2023 21:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.f2c31c62bc7a72453e812e8124498500_JC.exe

  • Size

    168KB

  • MD5

    f2c31c62bc7a72453e812e8124498500

  • SHA1

    2621944902604362686c8795c5d8ade7034038dc

  • SHA256

    d34b69d7094c286ef9f6e8d5179a9a13355c2072bc081bdd7bccf0a57d6eb949

  • SHA512

    4d6e6099cf96f0c0a1d9e4a78512dad127d5687f3afb36622786f2f0f9f95af7e486aaa5216f7480613e7269ee2fef6b267674cab5f1632f78f3730571227623

  • SSDEEP

    3072:7W6h6Y6DxQKBL+UjcvS5is6vZX5Kv8S138WtA7Kzfk0saRQs:7W6h6NR+Uw80g9XA78fJsaRR

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.f2c31c62bc7a72453e812e8124498500_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.f2c31c62bc7a72453e812e8124498500_JC.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3384
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:4648

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize

    168KB

    MD5

    87416dfb98507f7c58eb0be2128fb40a

    SHA1

    bf3744240dc4860d4bcdfd778bf92cfa3d5574e0

    SHA256

    15e1c53e990a39240cb84378172167decf54fe6af81be26c0f27697fbbad7223

    SHA512

    1c22ffc37ab7cb87e99164f1b5b48c22da8e0e088f1f104da1f1945042e90dc8c7f6685d97ab86e394c339a0675678d4cdf805145bfa3dd61623907e9d063212

    Download Submit

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize

    168KB

    MD5

    87416dfb98507f7c58eb0be2128fb40a

    SHA1

    bf3744240dc4860d4bcdfd778bf92cfa3d5574e0

    SHA256

    15e1c53e990a39240cb84378172167decf54fe6af81be26c0f27697fbbad7223

    SHA512

    1c22ffc37ab7cb87e99164f1b5b48c22da8e0e088f1f104da1f1945042e90dc8c7f6685d97ab86e394c339a0675678d4cdf805145bfa3dd61623907e9d063212

    Download Submit

  • memory/3384-0-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/3384-1-0x00000000021B0000-0x000000000220B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3384-6-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download

  • memory/4648-10-0x0000000000690000-0x00000000006EB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/4648-16-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

    Download