Overview

overview

9

Static

static

3

15ed5d04f1...AS.exe

windows7-x64

9

15ed5d04f1...AS.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/05/2024, 18:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    15ed5d04f1bf160c2dd9fff29aac23f1_NEAS.exe

  • Size

    74KB

  • MD5

    15ed5d04f1bf160c2dd9fff29aac23f1

  • SHA1

    3e02b253b722457e3e69b4de7d125f1985e7e9d0

  • SHA256

    09bb25c14abf6a91675e3ce2d21dd85249cc9e1014c3e305185b192dad1bbfd4

  • SHA512

    1825b7785021f41e8e97324d7ff315011e2042df42ac3f038d85d7ac4cee0cf2494776dfaf81cf6d35981a765c1f678ee67c544c40c9d4532f842ae6c99d7e5b

  • SSDEEP

    768:W7Blp9pARFbhQSox/6Sox/ME4JAIAepE4JAIAeuDlmlQPc3f6Pc3f5TGotuMOiJO:W7Z9pApQESOHepOHe8G+6E65TGAR9a

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4951) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15ed5d04f1bf160c2dd9fff29aac23f1_NEAS.exe
    "C:\Users\Admin\AppData\Local\Temp\15ed5d04f1bf160c2dd9fff29aac23f1_NEAS.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4848

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\$Recycle.Bin\S-1-5-21-3726321484-1950364574-433157660-1000\desktop.ini.tmp
          Filesize

          75KB

          MD5

          e6536d2ec119090e62699545159acab1

          SHA1

          20819e715d7b4abfb421a5abf5902f58ba3f2561

          SHA256

          3d9281a6ec982b476419ccb58770b3ea7b3690fb04b704384466af2068435697

          SHA512

          42fe48a5b89b3b75220134bca08678b04b0511835ba1864722c92c893f9b4b319cae95d8a359266dddd27d45aa366db132d6a26facd0ba4ee911f0804988d3a7

          Download Submit

        • C:\Program Files\7-Zip\7-zip.dll.tmp
          Filesize

          173KB

          MD5

          fa108fcbc1d68e5a1a62ec7786c4b5cd

          SHA1

          9326d8575b7d9f8e461ae254a34df43cd2605c85

          SHA256

          4ee431ad4d3a89b9c5ee095b22eddd286651bccc9d9cca21762ea3bd64a8df15

          SHA512

          511d7db284f72fef6cc08fc0fa53b6cf1f4cf0e50e2cd48eadbe60e21eff3158b4f081c04ca616b9cd87ecc3f8cd2c3eb14fd6c4cd3534a49657837039c6ded5

          Download Submit