b56defce4846c74d833031f1d6ab9901924514d23cbb46fa331c34a18042c4b6 | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
05/11/2023, 07:28

Sharing

Report Analysis Logs

General

Target

NEAS.c7561dfbc3fc840feb35be22c4de7360.exe
Size

5KB
MD5

c7561dfbc3fc840feb35be22c4de7360
SHA1

48fb94bf7fc42febbdde02ff64722323bdbfda4e
SHA256

b56defce4846c74d833031f1d6ab9901924514d23cbb46fa331c34a18042c4b6
SHA512

a45e7ff5ee32b9d48e213811e02370f71a09b28202604706ec3002204f7e3930fa8d733d814f301bbb7dc7773e75b15af1f72e5ba7a9f4e64da0497b9537fe76
SSDEEP

96:qrtHFXoDqMPcgqGFaWR9DpbdOvdddwTr3U2i+Oor:6FXQxqRcpbdON2i+Oor

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2176 wrote to memory of 2868	2176	NEAS.c7561dfbc3fc840feb35be22c4de7360.exe	30
PID 2176 wrote to memory of 2868	2176	NEAS.c7561dfbc3fc840feb35be22c4de7360.exe	30
PID 2176 wrote to memory of 2868	2176	NEAS.c7561dfbc3fc840feb35be22c4de7360.exe	30

C:\Users\Admin\AppData\Local\Temp\NEAS.c7561dfbc3fc840feb35be22c4de7360.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.c7561dfbc3fc840feb35be22c4de7360.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2176
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\20231105T072841_867.exe
  2⤵
  PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads