Overview

overview

7

Static

static

3

NEAS.096b8...30.exe

windows7-x64

7

NEAS.096b8...30.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 19:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.096b8a00fda39d66e670b6f4ff6fd330.exe

  • Size

    409KB

  • MD5

    096b8a00fda39d66e670b6f4ff6fd330

  • SHA1

    8032684902e1a92cc07f2ad2cda2ae1ff4282959

  • SHA256

    1b14eadcdc59663987a6fb3ab1ee24a55c3f0409f8cca6819c2ae13ca5dca5c3

  • SHA512

    9eb6438ce1e6e1635827a122c133c07784e5c7251f7add156c1eebdc17a162d6179b2c6c61533d0b5de5b755ed31b1f0f7ee88cc0b9483cc84afc3a791331557

  • SSDEEP

    6144:ho+k6sXkPV9WBtpypFBK4Tu/6KDv0PvwnG1+eNgqHuLEZsHE1:GrWcDkpFBK4Tujv0PvE2Nley

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.096b8a00fda39d66e670b6f4ff6fd330.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.096b8a00fda39d66e670b6f4ff6fd330.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Users\Admin\AppData\Local\Temp\6E6C.tmp
      "C:\Users\Admin\AppData\Local\Temp\6E6C.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.096b8a00fda39d66e670b6f4ff6fd330.exe EE100F3CEAC643769162BFE478F765A4E097BAFB6224F3985B3516246BEE393F0D7F1D65FE5DF9E33F7E1E8577858954BDBFFF3E8C140717A500D6C0E82DAF79
      2⤵
      • Executes dropped EXE
      PID:2288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\6E6C.tmp
    Filesize

    409KB

    MD5

    7c897767102ab2bfc4ac92af5f202e62

    SHA1

    c583f63a06d77c7c97248f7a671fdd48fd42cbd4

    SHA256

    b405aae1ae9d64a3b2d65738467f41bc71e64bbbf3c9e8a9ff41763c93dd371e

    SHA512

    b389db03743a293be8195a5f817b81ed8e24a6a6b78322a2665780e62cf39f41edb363992c92e30585b26f92df7b68a153dae37a6180adfcf8f4635018bc2283

    Download Submit

  • \Users\Admin\AppData\Local\Temp\6E6C.tmp
    Filesize

    409KB

    MD5

    7c897767102ab2bfc4ac92af5f202e62

    SHA1

    c583f63a06d77c7c97248f7a671fdd48fd42cbd4

    SHA256

    b405aae1ae9d64a3b2d65738467f41bc71e64bbbf3c9e8a9ff41763c93dd371e

    SHA512

    b389db03743a293be8195a5f817b81ed8e24a6a6b78322a2665780e62cf39f41edb363992c92e30585b26f92df7b68a153dae37a6180adfcf8f4635018bc2283

    Download Submit