Overview

overview

9

Static

static

3

NEAS.4c174...30.exe

windows7-x64

9

NEAS.4c174...30.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/11/2023, 05:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.4c174f4cdac99ef017ac9d8d2e440b30.exe

  • Size

    53KB

  • MD5

    4c174f4cdac99ef017ac9d8d2e440b30

  • SHA1

    1afa235e84b52da1cb8b9c07bdb69fc0152d788b

  • SHA256

    f15813ec79a70cf92a2a2a8178ddd8e610a53e4c9cf544fb8534b6eebe53d45e

  • SHA512

    ead5caa72778a1232b519f4e6664a129de8756a4b10a1032c9b4663437fe58942728c23a002be3a6899e8df1dfee4f22e70bc7f4f6c323e61a902eb643245325

  • SSDEEP

    768:W7BlphA7pARFbhOm0CAbLgt7BlphA7pARFbh6SCtU:W7ZhA7pApH1t7ZhA7pAp6SCtU

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (2916) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.4c174f4cdac99ef017ac9d8d2e440b30.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.4c174f4cdac99ef017ac9d8d2e440b30.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4140

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-3350690463-3549324357-1323838019-1000\desktop.ini.tmp
          Filesize

          54KB

          MD5

          639356bf30e3fdebb2a74c11fe8b7ec3

          SHA1

          985a7b38256d2d1122fba628850825993f59e9af

          SHA256

          d03823c463651bff131fa69a37ad731b7786f729e8af6c1d31c687fb4f90ffc3

          SHA512

          7aab30e107b261a6927db576f0f79c1558d51e4aa5bedf3f724abcd20decacd0cd52fcb77baf1858064aab98f2c196f7722669631078295f3695715dc254e9d8

          Download Submit

        • C:\odt\config.xml.exe
          Filesize

          55KB

          MD5

          31c78eee6bad89c4e2b3a65616c17e9c

          SHA1

          f62fa7973d7638181582d56f491c10fe8229926c

          SHA256

          b315985ad4ac8baf2acd88c3755e82cc65a7be6750896664db23f0332ccd267e

          SHA512

          2549cdcbc832bd07d023ec65799284bed6c56720934115aedd879973da3b2774db4b4ef46da5510ccadf817ef91920abe0e8d248f9fddccaee54060cf08696aa

          Download Submit