Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    06/11/2023, 02:46

General

  • Target

    NEAS.e7b8c7140a6e48c99ad5acd04ef1ed00.exe

  • Size

    899KB

  • MD5

    e7b8c7140a6e48c99ad5acd04ef1ed00

  • SHA1

    26f24eb2a8832199dd478f338132fe349e359082

  • SHA256

    fb53eed15e9e006d61b967f1bcf1570ac7b2bf65551f8a4b7c8ee9b00408848e

  • SHA512

    b9528ab7f9bb209d905b9ebec13815a34bccf926ca95f912abedf49f6bbd80aff46b6133e22437174faadafb61e8d912b1b65284e1d0ae9a293afc03f71824b4

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjJHzW9hUd56JsuBSjwA2i1vP2i1a1q:Hha8iAx+1zwjJHd6vB/ANMf1vCcw

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.e7b8c7140a6e48c99ad5acd04ef1ed00.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.e7b8c7140a6e48c99ad5acd04ef1ed00.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:1256

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    909KB

    MD5

    f5149834d217eac956e81742f37ec84a

    SHA1

    b8f61a839832884d44d6b26f4230754a9a309f8d

    SHA256

    d6610bb714ad55f9a8b671084bf9a99e72c7c29869ca4b1a76916d8c0985397b

    SHA512

    0500e8a70acb54b210d712def6e35042be000b72db8d1938309eb011b7c0ee874d0895af78f4c96b2829902878c92f0538fc0620c5b1fd6140e3bdd816f3de38

  • memory/1256-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/1256-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB