Overview

overview

8

Static

static

3

NEAS.6894d...c0.exe

windows7-x64

8

NEAS.6894d...c0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    134s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-11-2023 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.6894dc6a90b7f51cfa71e326ab7375c0.exe

  • Size

    138KB

  • MD5

    6894dc6a90b7f51cfa71e326ab7375c0

  • SHA1

    502830fb5c206b02c78f440ed0fdd19a233587e7

  • SHA256

    f85a7a839fa197a04d5beeaf1a14f2d4c7faa96a7dcf205f9feee33de778ba7b

  • SHA512

    ef6ec5c391725ccd0a8f05076d1c372a22382f7b1f21bf7545ea507df5edce6d8b15574a86bb6d561cf709d85f6b978c00b6886c492e35a86679916bf5726ace

  • SSDEEP

    3072:oIoBFe14D81ADyvm9fLSiVb/OLZsNp7celajOleOxt:oIoBFegDSm9T1b2LyjRAceOxt

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.6894dc6a90b7f51cfa71e326ab7375c0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.6894dc6a90b7f51cfa71e326ab7375c0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3692
  • C:\PROGRA~3\Mozilla\axfniqh.exe
    C:\PROGRA~3\Mozilla\axfniqh.exe -pdtylqd
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:3024

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\axfniqh.exe
    Filesize

    138KB

    MD5

    60cfa631e1cb3fc44486c1043dc337a0

    SHA1

    3f26c1da1de7a1061fbf4efacc389763ee440cc4

    SHA256

    6d570a04699ccd8bdbdf3dd4c7b2ed02425bc4734a8fe747508a39c3b0686feb

    SHA512

    a5572d74c5de73bda9c33cb374ae8e513eaa0e294aa7f8496b15bc17c2d0fdaedf0ad36d9705da542847cea5557ea3bd0557c67b0c8a419013ae8dd004c852e2

    Download Submit

  • C:\ProgramData\Mozilla\axfniqh.exe
    Filesize

    138KB

    MD5

    60cfa631e1cb3fc44486c1043dc337a0

    SHA1

    3f26c1da1de7a1061fbf4efacc389763ee440cc4

    SHA256

    6d570a04699ccd8bdbdf3dd4c7b2ed02425bc4734a8fe747508a39c3b0686feb

    SHA512

    a5572d74c5de73bda9c33cb374ae8e513eaa0e294aa7f8496b15bc17c2d0fdaedf0ad36d9705da542847cea5557ea3bd0557c67b0c8a419013ae8dd004c852e2

    Download Submit

  • memory/3024-12-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/3024-13-0x0000000001030000-0x000000000108B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3024-18-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/3692-0-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/3692-1-0x0000000002330000-0x000000000238B000-memory.dmp

    Filesize

    364KB

    Download

  • memory/3692-6-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download