30a7f67ba9ddcda2b0bde2f9343a913b8bcd45b2fcfef28b3ce2ea71077f0099

Analysis

max time kernel
171s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
11/11/2023, 04:29

Target

NEAS.7ea67d7e9447568ea7356bcc5d47e600.exe
Size

2.2MB
MD5

7ea67d7e9447568ea7356bcc5d47e600
SHA1

b64eff83c990be690be2b96ec55952e8f6a49c2a
SHA256

30a7f67ba9ddcda2b0bde2f9343a913b8bcd45b2fcfef28b3ce2ea71077f0099
SHA512

5e49cd4df2e059e85e162405dc5dcb6118f40aa1a5a78e2af7c74f45373943331320185162e2a0f4e55e7ccc509407cd861cda205b6167ffcacb2333aa65b579
SSDEEP

24576:jfAzQNXciRCXciRkACyS6MUSTOKA3zOiwrnlYDF9zEzJeRqR21rDTfQPvQLqgI:jCQrR+RiMOzCF9zEz+qR21rDfT

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2192	NEAS.7ea67d7e9447568ea7356bcc5d47e600.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2192	NEAS.7ea67d7e9447568ea7356bcc5d47e600.exe

memory/2192-0-0x0000000074C80000-0x0000000075430000-memory.dmp

Filesize
7.7MB

Download
memory/2192-1-0x0000000000E70000-0x00000000010B0000-memory.dmp

Filesize
2.2MB

Download
memory/2192-2-0x0000000074C80000-0x0000000075430000-memory.dmp

Filesize
7.7MB

Download
memory/2192-3-0x00000000061E0000-0x0000000006784000-memory.dmp

Filesize
5.6MB

Download
memory/2192-4-0x0000000001940000-0x00000000019D2000-memory.dmp

Filesize
584KB

Download
memory/2192-5-0x0000000005B10000-0x0000000005B20000-memory.dmp

Filesize
64KB

Download
memory/2192-6-0x0000000001A60000-0x0000000001A6A000-memory.dmp

Filesize
40KB

Download
memory/2192-7-0x0000000005B10000-0x0000000005B20000-memory.dmp

Filesize
64KB

Download
memory/2192-8-0x0000000006890000-0x00000000069DE000-memory.dmp

Filesize
1.3MB

Download