Analysis
-
max time kernel
133s -
max time network
101s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
07-05-2024 11:51
General
-
Target
64252efce31c7e0bf4afed046bdfb900_NEAS.exe
-
Size
428KB
-
MD5
64252efce31c7e0bf4afed046bdfb900
-
SHA1
d5b2177a81cf3be8f51db07f52357bf3847f4fe2
-
SHA256
fede00e9cde5244ce77e7e21badf50eabb11224807868b24aa2bfa11adc90c3c
-
SHA512
5e913ff6c1357d1ee48c0fbe95b5dd3d56aaf05667a13bb2e65a1d8049f0e3cd9730df6de62882f311678eb7bb1585c6fe3154a8801ab14fc4f27eeb7f17367f
-
SSDEEP
12288:Z594+AcL4tBekiuKzErR7jS/nKNkF5Im8MXpul:BL4tBekiuVrR7gKuF5TXpu
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe"C:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\43B0.tmp"C:\Users\Admin\AppData\Local\Temp\43B0.tmp" --helpC:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe F00CB9F88EC7B33B053C6B7D0E1BC4751B8B29F6077E01C563DF3A4048A319F806934BB90824B778E03C931A0A26D23A0FE51E0C1E6809E7993B58B6F6C1E53B2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5711958162e42303be24f28e1832132ce
SHA12501f5c90d51cacaee9c08ad43da2296bc3f18cc
SHA256ab09e340c4286db7b1aa6534849b8f37069fe8f5e0304ab83f882febfa3c1aa7
SHA512a1841fb7ff701c1a38f80df4aaa1482cf4a405a899a4030e9bf0d0b2ae5ed7844e280c71093c40d6a5a67ac4b08286ede6caa15300d194327d89e849a748354c