Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231025-en locale:en-us os:windows7-x64 system
  • submitted
    05-11-2023 03:07

General

  • Target

    NEAS.b475dd1f999fbba5798ce177f7549280_JC.exe

  • Size

    92KB

  • MD5

    b475dd1f999fbba5798ce177f7549280

  • SHA1

    5377c4f9708c0996629199c3bbaef3e88a32517a

  • SHA256

    f13b1d3990ddca3a987b5124e420f6581ed8cac776a31d055f1749ad207cc612

  • SHA512

    256e73923948c0ccf8415fc28b22ab065db097fb998776ccf780954fdc3a737703f01b0d3edf2e5de4e7cfb79f6b332be219dc6d1ee6071f3d3165b9737e08af

  • SSDEEP

    1536:nMKC46IUSRJS09f3BshlnSaqa6MJGNDidRLWmMQhkbiIhkQxsX3GgtAccysBc+QG:nMXlAxsjnTFnUERimMQhkbiIhkQm3GgQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.b475dd1f999fbba5798ce177f7549280_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.b475dd1f999fbba5798ce177f7549280_JC.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3064

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3064-0-0x00000000000B0000-0x00000000000CE000-memory.dmp

    Filesize

    120KB

  • memory/3064-1-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

  • memory/3064-2-0x000000001AFC0000-0x000000001B040000-memory.dmp

    Filesize

    512KB

  • memory/3064-3-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

  • memory/3064-4-0x000000001AFC0000-0x000000001B040000-memory.dmp

    Filesize

    512KB