Overview

overview

8

Static

static

3

NEAS.e20e1...JC.exe

windows7-x64

8

NEAS.e20e1...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    66s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/11/2023, 10:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.e20e1b5821cc135dc179f845c278a280_JC.exe

  • Size

    166KB

  • MD5

    e20e1b5821cc135dc179f845c278a280

  • SHA1

    c09344cd4823512d25a730be4226f91be838865a

  • SHA256

    76dcf5778f75f8cb41e29d94e9ee3e078d5ec03c79ffe0f15b67d30c40ab56e5

  • SHA512

    8d7832f4f045651805192c8e88a0ee4a91017ecbcef4bebc882903fdba8a71dce31e71c60a582a9861270dfd3600de7be189f34e9273cfb60f19156a58f044dd

  • SSDEEP

    3072:hkRnaAw3U5uHZG2izxb6pXeJ7PQnxLbmHKKZzkvlNomKnYYssmehG9Neua:CtaE5uHZG2izspLxLbWsKYz99gX

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.e20e1b5821cc135dc179f845c278a280_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.e20e1b5821cc135dc179f845c278a280_JC.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1376
  • C:\PROGRA~3\Mozilla\ghezyal.exe
    C:\PROGRA~3\Mozilla\ghezyal.exe -cypomaj
    1⤵
    • Executes dropped EXE
    PID:3880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\ghezyal.exe
    Filesize

    166KB

    MD5

    7b08a31432e3401dc43d1fbf0b40924e

    SHA1

    c314f6d17e1156f3b0c957655f38365e53c1be32

    SHA256

    3126f3bf3bf386a146c1f57f7a65e24b3d3aa14f470205748fc32c32c8f2570b

    SHA512

    a99967585347f6e4c679baddf318f1cef985c06ebdd04b793b2b98c778b71f94fe92a27d6c6281d489bb7506579a3b5e695682cfbe810ecb2ea36b00e20a755f

    Download Submit

  • C:\ProgramData\Mozilla\ghezyal.exe
    Filesize

    166KB

    MD5

    7b08a31432e3401dc43d1fbf0b40924e

    SHA1

    c314f6d17e1156f3b0c957655f38365e53c1be32

    SHA256

    3126f3bf3bf386a146c1f57f7a65e24b3d3aa14f470205748fc32c32c8f2570b

    SHA512

    a99967585347f6e4c679baddf318f1cef985c06ebdd04b793b2b98c778b71f94fe92a27d6c6281d489bb7506579a3b5e695682cfbe810ecb2ea36b00e20a755f

    Download Submit

  • memory/1376-0-0x0000000000400000-0x000000000045E000-memory.dmp

    Filesize

    376KB

    Download

  • memory/1376-1-0x0000000002310000-0x000000000236B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1376-2-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1376-5-0x0000000002310000-0x000000000236B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1376-9-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3880-10-0x0000000000E40000-0x0000000000E9B000-memory.dmp

    Filesize

    364KB

    Download