Overview

overview

9

Static

static

3

NEAS.ccc1e...10.exe

windows7-x64

9

NEAS.ccc1e...10.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/11/2023, 06:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe

  • Size

    210KB

  • MD5

    ccc1eb5c33b8b88e454a00dd6b257210

  • SHA1

    9f19aa5e48c60caaf130b5996158d4407c228d7d

  • SHA256

    8fea0e81fcb8b7081093095e26d13d957d5f14623bbc681008c5f53bfae467ba

  • SHA512

    fda1b54ae1ad46fd8bd4f9b824b73cba46740046992ca64f07d3da59cabdff77a7310db03b785106d4a52cf86c736d232ccd0a17a412d4e1aa89409e80273238

  • SSDEEP

    3072:6e7WpMNca3rytOkWpXfnYRl2l5Q2jEj626ZmZMreUvreUX:RqKB+tOkWKR0nQ2jEj626ZmZkeUjeUX

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (2456) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.ccc1eb5c33b8b88e454a00dd6b257210.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1288

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-3811856890-180006922-3689258494-1000\desktop.ini.tmp
          Filesize

          210KB

          MD5

          e2f002e9c275564c3444b35e2eca543b

          SHA1

          cbd2f7e94c81efb9c68ede1cc4e3a6a39d9c78f8

          SHA256

          830e1d14f5b1d4c1e5df6006bd3d6d4120b2e2dc39db61f57279014805ee4942

          SHA512

          8356a31d96e4ebd0386cd276ddbe146357119bd27ff05c671ec473a7cded65d9e6cdd1706610d99041786c42dbcb2aaacd0811aefe8248e540955fe2d265dcf7

          Download Submit

        • C:\odt\config.xml.tmp
          Filesize

          211KB

          MD5

          6b7810d23d2943498343f2ee42723727

          SHA1

          a3b27749623b54d1d88ec068fb40d0c802d16afc

          SHA256

          4d0696ce9560c778bf33fef71b41c6f2fe8f7ba6a65ec1c7e5ba694e701dd117

          SHA512

          3ea2936dc66aa02807c34e7ab8c4a6a6e177cbf2a440c0347375c0125f7c9b903980689f71cdd93cefb467136da8cc3097d36a678ef535117429e2b264f81ae5

          Download Submit