Overview

overview

7

Static

static

7

NEAS.fe2e2...JC.exe

windows7-x64

7

NEAS.fe2e2...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-11-2023 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.fe2e297b5137866e0731f799c0e5f070_JC.exe

  • Size

    62KB

  • MD5

    fe2e297b5137866e0731f799c0e5f070

  • SHA1

    600a110904d2093e3151b8150b442e9fa7199a5a

  • SHA256

    cf7a08e3c2b9e5e7508d39dc2e978b0f59b9e60842f480ef9e2fa637b65d52d0

  • SHA512

    23d3b2aca2c864b7157a15dc7c9385cac0176c55f037016d871be8f5c4754587faaab3f6c3b6b8c7ecf2718d6b02f9a61293dfb56dedd490a0ea2c94b9ef5ed1

  • SSDEEP

    1536:y4QQ6NSyM61l19piO+LV8YEoI/EU9RUe4mCaY7+Knx:y4X6NSyfnpijeYEoIcq4wk+Knx

Score
7/10
persistenceupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 27 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.fe2e297b5137866e0731f799c0e5f070_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.fe2e297b5137866e0731f799c0e5f070_JC.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2744

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\macromd\nikki nova sex scene huge dick blowjob.mpg.exe
    Filesize

    89KB

    MD5

    bb9b1ba59e1578a07a5988ad2ebe17b9

    SHA1

    e53145e96d4147deba84c4144cb5c12a3c6cff42

    SHA256

    cd9be844ab34019eb6ced1efd7a3b5f69bdfd832c3072b6396265a7b08bcf3ba

    SHA512

    81e40ff90e6afa71eeae9a0b2e698868957e68adda671c69f55d4c72280bfc40ad80c58f75206c43fe722157e57150912e989efc800e40542e7852c6a49b62d5

    Download Submit

  • memory/2744-0-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download

  • memory/2744-28-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download