Overview

overview

7

Static

static

3

NEAS.1a177...b0.exe

windows7-x64

7

NEAS.1a177...b0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    82s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/11/2023, 07:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.1a177e44ce0af6e9a0de20d7e8b854b0.exe

  • Size

    171KB

  • MD5

    1a177e44ce0af6e9a0de20d7e8b854b0

  • SHA1

    e5dbcb6bc0c5c0bd4eaabc5c4e47743d8b015343

  • SHA256

    b771f04baa0225541d0e377d07843b6cee0fbd67ba0917b5db424afeed4f901a

  • SHA512

    dedb45de432a31178ad4098fcef00b81b13fedbeee4321cfae45c8da27e84051f48121b1b7bcc4419a7a6f051ec84598bf4b52137ac3e000aaf140694380d065

  • SSDEEP

    3072:S2qTc8JsfA/rpTeieAp0jVMz52M7I2yOUXjbF3dz8mrvX54IE:SvTc8J0WpTedSz5dc2yOUTxFnrvX54/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.1a177e44ce0af6e9a0de20d7e8b854b0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.1a177e44ce0af6e9a0de20d7e8b854b0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1536
  • C:\PROGRA~3\Mozilla\tmadqjh.exe
    C:\PROGRA~3\Mozilla\tmadqjh.exe -gglpwzh
    1⤵
    • Executes dropped EXE
    PID:60

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\PROGRA~3\Mozilla\tmadqjh.exe
          Filesize

          171KB

          MD5

          9c1a077b1f6062abca4cd3877c0aff26

          SHA1

          80b900b0036b381d338c3a801037a957f4f44a6d

          SHA256

          c37b64afa56e63f8b0e0dee141a3dc6c0bafe6ad8c382b3e5b79d4c6dfd81da0

          SHA512

          bd609c1ab213009ba115b5d2d43fcd81a3c1462488188ae56ba25bcf9386929264f000f8b551b9094c137ffa8d9f791b667f9e75644b9fd52eb63f99cf5473cf

          Download Submit

        • C:\ProgramData\Mozilla\tmadqjh.exe
          Filesize

          171KB

          MD5

          9c1a077b1f6062abca4cd3877c0aff26

          SHA1

          80b900b0036b381d338c3a801037a957f4f44a6d

          SHA256

          c37b64afa56e63f8b0e0dee141a3dc6c0bafe6ad8c382b3e5b79d4c6dfd81da0

          SHA512

          bd609c1ab213009ba115b5d2d43fcd81a3c1462488188ae56ba25bcf9386929264f000f8b551b9094c137ffa8d9f791b667f9e75644b9fd52eb63f99cf5473cf

          Download Submit

        • memory/1536-0-0x00000000021C0000-0x000000000221F000-memory.dmp

          Filesize

          380KB

          Download

        • memory/1536-1-0x0000000000400000-0x000000000045F000-memory.dmp

          Filesize

          380KB

          Download

        • memory/1536-3-0x00000000021C0000-0x000000000221F000-memory.dmp

          Filesize

          380KB

          Download

        • memory/1536-4-0x0000000000400000-0x000000000045F000-memory.dmp

          Filesize

          380KB

          Download

        • memory/1536-5-0x0000000000400000-0x000000000045F000-memory.dmp

          Filesize

          380KB

          Download