Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07-05-2024 12:02

General

  • Target

    6afe694ee7ee20233a963cd860d94380_NEAS.exe

  • Size

    36KB

  • MD5

    6afe694ee7ee20233a963cd860d94380

  • SHA1

    34ae16e60f84427f2584b3321babd1d49736219f

  • SHA256

    621322496cf7c294661b3d7ebaba7c91195eef519fdb506810209f7ef5793d5d

  • SHA512

    da9270f0ddfff153b97cb59ae8186c7aeff21731c91281b0376d0cc123a8bcbffa821b723da5217dcbfd6a22bf729cc624e8d4719a7b4fd8b10a28792871b1d5

  • SSDEEP

    768:jycqOQ0bwMK2M3fQde8Pfymg0M9EQfRo0ys/KzD:WcqOQbB3fQc8Pfymg0yxpByxzD

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader Second Stage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6afe694ee7ee20233a963cd860d94380_NEAS.exe
    "C:\Users\Admin\AppData\Local\Temp\6afe694ee7ee20233a963cd860d94380_NEAS.exe"
    1⤵
      PID:3912

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/3912-0-0x0000000000400000-0x0000000000411000-memory.dmp

      Filesize

      68KB