Overview

overview

7

Static

static

7

NEAS.a7f43...30.exe

windows7-x64

7

NEAS.a7f43...30.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/11/2023, 07:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.a7f4308c7faf91b6c1a8f110fc4b6a30.exe

  • Size

    89KB

  • MD5

    a7f4308c7faf91b6c1a8f110fc4b6a30

  • SHA1

    bacf5a3a6e1e64185769d9f6e50771d4df8bfb7a

  • SHA256

    f66988544270460344d76e1149517e986aa2eb9f3e8ed3bc604789255b495b5c

  • SHA512

    382746bb6752428e2d80dac2e418560f0df5c1487101ce297ec1018a5c88b20d6010c53d0a4265c7c497f6b6c87a9edaa825581a08e184e3ff7e33fb4aaf1141

  • SSDEEP

    1536:Q4QQ6NSyM61l19piO+LV8YEoI/EU9RUe4mkOW0ITsQ3bFZHFlneXP:Q4X6NSyfnpijeYEoIcq4pvbPref

Score
7/10
persistenceupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 27 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.a7f4308c7faf91b6c1a8f110fc4b6a30.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.a7f4308c7faf91b6c1a8f110fc4b6a30.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\macromd\Kama Sutra Tetris.exe
    Filesize

    85KB

    MD5

    a79e062f44bc188079a4a195d19d9458

    SHA1

    0eaa7514b0dce50a30e23d9abb6d38d1a259f6b8

    SHA256

    4a96fe3a5d3b4c2a2d36fd5fbcb7ecdd37a56305bfc1ed5c0e445a923864c4ae

    SHA512

    e80fa9d3f302367d80017e876bf5f9b09d4ba2d5b6449f80bece87bed91fade308088d8c1cd31eb0d4810017e2b06804ccfeb11d259a5d8d620e97bafa49627c

    Download Submit

  • memory/2172-0-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download

  • memory/2172-28-0x0000000000400000-0x0000000000464000-memory.dmp

    Filesize

    400KB

    Download