64c621a8dc708ba605ae7f254d40742c3037122c5ca5c0d2cf8fd6d2a80fd729

Analysis

max time kernel
140s
max time network
104s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
07-05-2024 12:47

Target

88570c02fdd241ec90c4c921f39ffd50_NEAS.exe
Size

74KB
MD5

88570c02fdd241ec90c4c921f39ffd50
SHA1

e48cb7cdf884ad4a46c9c2ee7368dc0f2e7caafb
SHA256

64c621a8dc708ba605ae7f254d40742c3037122c5ca5c0d2cf8fd6d2a80fd729
SHA512

42dc3b0e6810c3ea14b32346c0c9161593b4c801ba28db279b26e6afad68034232718b3a6118772319cc44897c68182467123c0700863e3b757f7d25468ed3ff
SSDEEP

1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253u2DY:uF+LCofRLCgxSzXo8CgpIo53u2DY

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
5444	eahduhas.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\eahduhas.exe	88570c02fdd241ec90c4c921f39ffd50_NEAS.exe
File created	C:\Windows\SysWOW64\eahduhas.exe	88570c02fdd241ec90c4c921f39ffd50_NEAS.exe

C:\Users\Admin\AppData\Local\Temp\88570c02fdd241ec90c4c921f39ffd50_NEAS.exe
"C:\Users\Admin\AppData\Local\Temp\88570c02fdd241ec90c4c921f39ffd50_NEAS.exe"
1⤵
- Drops file in System32 directory
PID:5072
- C:\Windows\SysWOW64\eahduhas.exe
  "C:\Windows\SysWOW64\eahduhas.exe"
  2⤵
  - Executes dropped EXE
  PID:5444

C:\Windows\SysWOW64\eahduhas.exe

Filesize
71KB

MD5
e4e01cd1963d1aab5646ab151e42c85e

SHA1
838d44f95983c8c0a8a0823ff3d01669af4b414d

SHA256
d3b2f3a6228e692e330b2997063f75d7ec834b01fa550f0ac50939ef04115217

SHA512
32bde4f57ab75613cb90e467f0f740f3f4ad4eb08c6fd54fcd1b4d352e65b54a5c6a3ae1dcaa2e176b59ff728ca9278f3a70f2d1dfcbe85476e3ef9341fbe058

Download Submit
memory/5072-0-0x0000000077C02000-0x0000000077C03000-memory.dmp

Filesize
4KB

Download
memory/5072-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download