Overview

overview

8

Static

static

3

NEAS.80566...60.exe

windows7-x64

8

NEAS.80566...60.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/11/2023, 21:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.805669c56f43c6873bf8258b43764760.exe

  • Size

    129KB

  • MD5

    805669c56f43c6873bf8258b43764760

  • SHA1

    d89515a5cf19c1c03e5b6bd1238ce9d579451bbc

  • SHA256

    d65b74cd6868c4ef09b1938ddd2bf12626a76452028aa193e284b574c3a8794f

  • SHA512

    ffbce16959d534cde99f829749f8ce116b6d3b79e444291435ad8387be7e74b9572fbb8965f55e130ccfc8e8a27142dd984ac8273d79b464fa8f6b6a69cf15c8

  • SSDEEP

    3072:OpLNSpPo0IQOSniEzAXaMKmlwO04rc5MTd40LwJV4:ekPo6OidzjwwL75Mxu4

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.805669c56f43c6873bf8258b43764760.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.805669c56f43c6873bf8258b43764760.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2876
  • C:\PROGRA~3\Mozilla\asqmzyj.exe
    C:\PROGRA~3\Mozilla\asqmzyj.exe -kewnvcd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:792

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\asqmzyj.exe
          Filesize

          129KB

          MD5

          78e51b33924479e7dc7e1ca803e63a2c

          SHA1

          ebdcf2023767fa61a2e999258e37e5f34f7f5678

          SHA256

          e64ced613e00a6072743c2ba6aef5be83805a5fc6a24946be19b0e7ae6ffffb3

          SHA512

          aa2b269dffb2357a82217489f2dd29931e99639a81d8270cb737b1b2a6e61725539be626b76dde33c59354dc5094bff0215499eb8eeb0c770e724c87a10d2f99

          Download Submit

        • C:\ProgramData\Mozilla\asqmzyj.exe
          Filesize

          129KB

          MD5

          78e51b33924479e7dc7e1ca803e63a2c

          SHA1

          ebdcf2023767fa61a2e999258e37e5f34f7f5678

          SHA256

          e64ced613e00a6072743c2ba6aef5be83805a5fc6a24946be19b0e7ae6ffffb3

          SHA512

          aa2b269dffb2357a82217489f2dd29931e99639a81d8270cb737b1b2a6e61725539be626b76dde33c59354dc5094bff0215499eb8eeb0c770e724c87a10d2f99

          Download Submit

        • memory/792-11-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/792-16-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/2876-1-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/2876-0-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/2876-2-0x0000000000470000-0x0000000000471000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2876-3-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download

        • memory/2876-9-0x0000000000400000-0x000000000045E000-memory.dmp

          Filesize

          376KB

          Download