Analysis

  • max time kernel
    134s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231023-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06-11-2023 20:19

General

  • Target
    NEAS.4531dd0756557d483b953e775b1a1be0.exe
  • Size
    166KB
  • MD5
    4531dd0756557d483b953e775b1a1be0
  • SHA1
    9d292516fe67e565b85820eb3db9a18d4a961ec9
  • SHA256
    7eceadc39b17eb369b0d3b99afa11e6244dd2db9939e8424a09cc26a8261a312
  • SHA512
    09330adc17b581a773d1e153a400333af4f069c5894725253d7d5c173c51445ec1af55e400b4a71c6cdcdd88c16daff46384fbd569550d0bd57541e0e0cadbaa
  • SSDEEP
    3072:hkRnaAw3U5uHZG2izxb6pXeJ7PQnxLbmHKKZzkvlNomKnYYssmehG9Neu1:CtaE5uHZG2izspLxLbWsKYz99gc

Score
8/10

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.4531dd0756557d483b953e775b1a1be0.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\NEAS.4531dd0756557d483b953e775b1a1be0.exe"
    PID: 1692
    • Drops file in Program Files directory
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Command line: C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    PID: 4616
    • Executes dropped EXE
    • Drops file in Program Files directory

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize: 166KB
    MD5: 0c5f5516181a53cb305a26d5d22a5753
    SHA1: 7e6ea31ed561737eb90bda89ee4dd6db08ff1178
    SHA256: 18856e93d74a0a7869477200835f23bb6ce9a499d141aab2ec95d68617bce0c2
    SHA512: 0d88acb59047699562a6b72091b655ac39fca339aefce869d224d95c314745c62c3665ab6c77acc8df2ef41935b9ceb940e6484a205c7533aa030900db4feab6

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize: 166KB
    MD5: 0c5f5516181a53cb305a26d5d22a5753
    SHA1: 7e6ea31ed561737eb90bda89ee4dd6db08ff1178
    SHA256: 18856e93d74a0a7869477200835f23bb6ce9a499d141aab2ec95d68617bce0c2
    SHA512: 0d88acb59047699562a6b72091b655ac39fca339aefce869d224d95c314745c62c3665ab6c77acc8df2ef41935b9ceb940e6484a205c7533aa030900db4feab6

  • memory/1692-0-0x0000000000400000-0x000000000045E000-memory.dmp
    Filesize: 376KB
  • memory/1692-1-0x00000000021A0000-0x00000000021FB000-memory.dmp
    Filesize: 364KB
  • memory/1692-2-0x0000000000400000-0x000000000045B000-memory.dmp
    Filesize: 364KB
  • memory/1692-4-0x0000000000400000-0x000000000045B000-memory.dmp
    Filesize: 364KB
  • memory/1692-9-0x0000000000400000-0x000000000045B000-memory.dmp
    Filesize: 364KB
  • memory/4616-10-0x0000000000E40000-0x0000000000E9B000-memory.dmp
    Filesize: 364KB
  • memory/4616-11-0x0000000000400000-0x000000000045B000-memory.dmp
    Filesize: 364KB
  • memory/4616-15-0x0000000000E40000-0x0000000000E9B000-memory.dmp
    Filesize: 364KB
  • memory/4616-16-0x0000000000400000-0x000000000045B000-memory.dmp
    Filesize: 364KB