Analysis

  • max time kernel
    148s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231020-en locale:en-us os:windows10-2004-x64 system
  • submitted
    05-11-2023 21:44

General

  • Target

    NEAS.35375e2812be486322953d9c99b9ec60.exe

  • Size

    841KB

  • MD5

    35375e2812be486322953d9c99b9ec60

  • SHA1

    f0f96f3d97ce752c20dddd32d7a43f0a530166d4

  • SHA256

    b9e0604c992453e51a0e77225b2a9c19fe1777f0b21c4f7f98e9cb9531345684

  • SHA512

    4e3e5a8b71d04391c03d0f10af3a7172d0462d30d954c88e9e0f568d3f519baf2f54a4e9996aa078faf9f7a3db1b5cc132ae3e4fb78bd754487399a41b93a69f

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1p:Hha8iAx+1zwjJHd6vB/ANMBIXw

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.35375e2812be486322953d9c99b9ec60.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.35375e2812be486322953d9c99b9ec60.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:4520

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    850KB

    MD5

    52303ef38dcc656fbfe0fd3dff55944c

    SHA1

    da53740b8cdbfd2a61ad347b461480b99e073f78

    SHA256

    7e7d5bc2324a369947291cbfcbf7a8b32d767e91d167f490e7ac0d209e8d05df

    SHA512

    a2b6dac1237a648d2324c6e88b70dcddc150352bf4a16c4b911d0ef770df38a6c0c74a5e6e54eace44d552234e20907151727c8bc50c10b1b2f27f391ee41d67

  • memory/4520-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/4520-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB