7621f66cf722abe965b70f6e9ab76c489aa3a2d785e842fdfc23966b2b16e4f6

Analysis

max time kernel
131s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 03:33

Target

5c7db08782e89134757a132bf6777570_NEAS.exe
Size

64KB
MD5

5c7db08782e89134757a132bf6777570
SHA1

ff829321acf8ee50a70d046d04b0f69af57b3fe2
SHA256

7621f66cf722abe965b70f6e9ab76c489aa3a2d785e842fdfc23966b2b16e4f6
SHA512

d241bc13bce2778118d2b108a61a25e64db6ab4f8b08e674f552618674f84c7de76e7691acee51d5e1141b319b5150e7f6dec7e3e8a854f0fd4f1556e3d5909b
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtWY/SvIovP5st:tHoLde/OgV432UcP39hXJZnWr1PI

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/files/0x000a000000023bcd-4.dat	upx
behavioral2/memory/4312-9-0x0000000000400000-0x0000000000428000-memory.dmp	upx
behavioral2/memory/4312-103-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\dextor32.exe	5c7db08782e89134757a132bf6777570_NEAS.exe

C:\Users\Admin\AppData\Local\Temp\5c7db08782e89134757a132bf6777570_NEAS.exe
"C:\Users\Admin\AppData\Local\Temp\5c7db08782e89134757a132bf6777570_NEAS.exe"
1⤵
- Drops file in Windows directory
PID:4312

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

Filesize
64KB

MD5
5c7db08782e89134757a132bf6777570

SHA1
ff829321acf8ee50a70d046d04b0f69af57b3fe2

SHA256
7621f66cf722abe965b70f6e9ab76c489aa3a2d785e842fdfc23966b2b16e4f6

SHA512
d241bc13bce2778118d2b108a61a25e64db6ab4f8b08e674f552618674f84c7de76e7691acee51d5e1141b319b5150e7f6dec7e3e8a854f0fd4f1556e3d5909b

Download Submit
memory/4312-9-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/4312-103-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download