8fea0e81fcb8b7081093095e26d13d957d5f14623bbc681008c5f53bfae467ba

Analysis

max time kernel
150s
max time network
125s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
13/11/2023, 06:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
Size

210KB
MD5

ccc1eb5c33b8b88e454a00dd6b257210
SHA1

9f19aa5e48c60caaf130b5996158d4407c228d7d
SHA256

8fea0e81fcb8b7081093095e26d13d957d5f14623bbc681008c5f53bfae467ba
SHA512

fda1b54ae1ad46fd8bd4f9b824b73cba46740046992ca64f07d3da59cabdff77a7310db03b785106d4a52cf86c736d232ccd0a17a412d4e1aa89409e80273238
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l5Q2jEj626ZmZMreUvreUX:RqKB+tOkWKR0nQ2jEj626ZmZkeUjeUX

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (592) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoDev.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\da.pak.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\external_extensions.json.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IpsMigrationPlugin.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\mr.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mip.exe.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Internet Explorer\F12Resources.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\System\msadc\msadcor.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bg.pak.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\PipeTran.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkWatson.exe.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Internet Explorer\networkinspection.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\System\ado\msado28.tlb.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\de-DE\WMM2CLIP.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-phonetic.xml.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Internet Explorer\iedvtool.dll.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-TW.pak.tmp	NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe"
1⤵
- Drops file in Program Files directory
PID:1232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3425689832-2386927309-2650718742-1000\desktop.ini.tmp

Filesize
210KB

MD5
bbcd7ed0a536ca0b7b658e6cf169d301

SHA1
fdd06268a62efe9a725bab236213cf657b0bc7be

SHA256
3985d999362dcb2a7ff33666dbb74cdd532e5fd22c2b97f7cd16392bdfe54a2d

SHA512
60fa08424b5181b8dd894092d4e506590cc100b3ec5ea801f0a12b3964b808b53447876759e5321a032476ec0231c1c698cf087b5a8799159aa93b4718d9b112

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
219KB

MD5
793537074f751667bab02952ecbf7933

SHA1
0b7b4227795387311440f682bf85359d2d7479eb

SHA256
ae8868f436b127da91192eca1ccaf0c0af1e14396bc4975959f0dfbfed86e492

SHA512
4ca533756009c7ed8f3be2f20ba35df4890fba6239d439c9e01b4dfc3a298b3db08b22b8f4e00e69c820163e0eb8050128f02ca07b6ace8b16de6d1136f855ab

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads