Overview

overview

10

Static

static

10

INF_NEFT_Debit.exe

windows7-x64

3

INF_NEFT_Debit.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-11-2023 02:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    INF_NEFT_Debit.exe

  • Size

    2.3MB

  • MD5

    15dd21aa387a33edb3cc7ab6caf90664

  • SHA1

    5bc2c764c064f8c32217bff0938b1e79a0e486d6

  • SHA256

    5963db9ee022b1331aa48c1c8c3b9b75bafb2f0297dced1928e88bdea3f790c8

  • SHA512

    efc58f93bf628b98454fd22f6c2f540519829f752cd62b3d05f0695593a6ceca16f8261a8a61966518630f8a7110ba79d6240db0aeca4a445f27b7bbe18d8dd8

  • SSDEEP

    49152:AWkWk5cS7a+9XYaQlZehc4mTYJ78V9gyBn4cSfmP/SA8N:A6ajJiZ942KQV9hp4xfmP/SA8

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\INF_NEFT_Debit.exe
    "C:\Users\Admin\AppData\Local\Temp\INF_NEFT_Debit.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3192
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
      2⤵
        PID:2504

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads