Analysis

  • max time kernel
    49s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    07-11-2023 19:25

General

  • Target

    NEAS.6ef18a49998f3a4542944a4396ba5a00.exe

  • Size

    704KB

  • MD5

    6ef18a49998f3a4542944a4396ba5a00

  • SHA1

    219064b77bda6affa3b74c0e213b0a91bed7ad85

  • SHA256

    dcaf81f80f54cee0074e334363fb0d8d30f72b13e07a80c33327f569bfc7b26c

  • SHA512

    195a8f04bd2ef6e41dd4b1b2c72f3d2d09e6d242514206f4914e5cb15cdd40a0acb7b88b0ee0cc40429226c8539fbea89a551b679b4ae6633366d9b8320c087b

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1Dzby:Hha8iAx+1zwjmHd6vB/jO11zbC

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.6ef18a49998f3a4542944a4396ba5a00.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.6ef18a49998f3a4542944a4396ba5a00.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2696

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    714KB

    MD5

    336b17c7b440662ade786cea9b27e648

    SHA1

    ae5059aa2b1a1a61c52785b499aa34b51daa14bd

    SHA256

    4060a8cd35898ebde3835e64dc2751689b1a51c77d3cd6f3332c4d4e2769b179

    SHA512

    3bac3a3768e4e0e69a1a6efa03489a2f63138ae48380f2ccdbe455380a255fd68399e25d0f9c2c5533ed7ff43dff3e11ee4268ceafc511172118c9c76fca62bf

  • memory/2696-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/2696-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB