Overview

overview

8

Static

static

3

NEAS.f4161...80.exe

windows7-x64

8

NEAS.f4161...80.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    157s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2023 19:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.f41612bde57866ad2df3741db9b1ed80.exe

  • Size

    126KB

  • MD5

    f41612bde57866ad2df3741db9b1ed80

  • SHA1

    3a22dec5443c4ef4e8d68adbc11713821ed57422

  • SHA256

    98ac27468af8ff0aa870322c5e597d289cbf19e77a17654e7f2e33507c68d314

  • SHA512

    de8f90fca76b35fd3f54ba17f395493d6144491b30eba287a279d4aa733f6bbb10e85291d248c350af6f43ffbe05761f028b911e7bc7f39b9e9ce962adbb4feb

  • SSDEEP

    3072:5COqnKQybPLlGRqXcryRwAF0r+A/nZZaEDgF:5s5ybPL6mcrymK0SEZZXgF

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.f41612bde57866ad2df3741db9b1ed80.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.f41612bde57866ad2df3741db9b1ed80.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1336
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize

    126KB

    MD5

    d2c076a6f4e8c95ea6a9ba52df36e5d0

    SHA1

    fa344e7511b835644cbceb9ff56e7e5c20b6de30

    SHA256

    896a47a3297607f9f566625bba7ffd286a876343bda26af37738c8dc2c1d6865

    SHA512

    5cd05fa2c193081ae2599f2224e2a6f5f9b41d874e1a4c659b9ac104992dae253cab962f36e502256cf342e62a2bd2718e9be982219fd25a313132fc48c6d6e5

    Download Submit

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize

    126KB

    MD5

    d2c076a6f4e8c95ea6a9ba52df36e5d0

    SHA1

    fa344e7511b835644cbceb9ff56e7e5c20b6de30

    SHA256

    896a47a3297607f9f566625bba7ffd286a876343bda26af37738c8dc2c1d6865

    SHA512

    5cd05fa2c193081ae2599f2224e2a6f5f9b41d874e1a4c659b9ac104992dae253cab962f36e502256cf342e62a2bd2718e9be982219fd25a313132fc48c6d6e5

    Download Submit

  • memory/1336-0-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1336-1-0x00000000025A0000-0x00000000025FB000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1336-6-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1460-12-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1460-13-0x0000000001040000-0x000000000109B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/1460-18-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download