General

  • Target

    NEAS.f510d30315a9a5c2a029a8097ddb0780.exe

  • Size

    293KB

  • Sample

    231115-hq9dbafb9t

  • MD5

    f510d30315a9a5c2a029a8097ddb0780

  • SHA1

    df2e4733ec1f24b0955e92db04742dc8f06fbd51

  • SHA256

    d808e5267af33737b3f490919d696391a0b9508880233855feca9f3734383249

  • SHA512

    e3b01ab58663cd48f3693bef89a843e9c9658ad78d56291c4649416cb3227ea820acc7dcdaccdbfc1e0e60c7711361408f91e3d96ab5dfd339ee8999b8255cdd

  • SSDEEP

    3072:6e7WpukZktZgt94UxtSFN+wGLztqTSB3iR9vHpKmEGCLOwstyhZFChcssc56FUr8:Rqc2L4Ux0F3GkY389/pKvShcHUaJ

Score
9/10

Targets

    • Renames multiple (220) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Renames multiple (510) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
