Overview

overview

3

Static

static

3

NEAS.368bd...50.exe

windows7-x64

3

NEAS.368bd...50.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    171s
  • max time network
    200s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2023, 18:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.368bd05c03bce7ec88cd4764f3b40e50.exe

  • Size

    3.3MB

  • MD5

    368bd05c03bce7ec88cd4764f3b40e50

  • SHA1

    8b03b38e8a299bb9723c898dffb24df7bc446654

  • SHA256

    e008aea69fe714f5b879ec5ac97ed073023d20ad16146164cd40af50a6a5ea30

  • SHA512

    61bb08e0bf9fdb876905bcdc5e4b6e6a971f1ea6b6c18564eef40e3b6fe4575a503686b401ed1e7a576af31310008d7d250539eb855607433711da7b31118191

  • SSDEEP

    49152:1//SwVUSDVTh30n6A12GXO1GsVn9q4TbA5:1XSwSqtEbsGXbM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.368bd05c03bce7ec88cd4764f3b40e50.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.368bd05c03bce7ec88cd4764f3b40e50.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2992

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2992-0-0x00000000024E0000-0x00000000024E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2992-1-0x0000000000400000-0x000000000074B000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/2992-2-0x00000000024E0000-0x00000000024E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2992-3-0x0000000000400000-0x000000000074B000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/2992-7-0x0000000000400000-0x000000000074B000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/2992-8-0x0000000000400000-0x000000000074B000-memory.dmp

    Filesize

    3.3MB

    Download