98b66cd9136f741eef5ab4f3953b3ae360ee442d9e125a82c1d9fd24fad8ace3

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27-05-2024 13:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

neo.exe
Size

6.6MB
MD5

0cc6f55c76921b1203f0959f535db957
SHA1

6ffca576f55e053e1613371fe7efe620a367551e
SHA256

98b66cd9136f741eef5ab4f3953b3ae360ee442d9e125a82c1d9fd24fad8ace3
SHA512

74bee84563863d1ce6514ab171c658ef3c43b56f14a7546196431199e5ba14f6819ef8104e4314e3b5c53a18b9198bc40e0c7a03f04cd579114c96e9bd3b560f
SSDEEP

196608:jSP6CsXDjDyfEEEbnaAo00ViavGO8RENVBF8X:5CEDDpbnx0VtvG5RENVBF8X

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 6 IoCs

Processes:

neo.exe

pid process

508 neo.exe
508 neo.exe
508 neo.exe
508 neo.exe
508 neo.exe
508 neo.exe
Suspicious use of WriteProcessMemory 2 IoCs

Processes:

neo.exe

description pid process target process

PID 3480 wrote to memory of 508 3480 neo.exe neo.exe
PID 3480 wrote to memory of 508 3480 neo.exe neo.exe

pid	process
508	neo.exe
508	neo.exe
508	neo.exe
508	neo.exe
508	neo.exe
508	neo.exe

description	pid	process	target process
PID 3480 wrote to memory of 508	3480	neo.exe	neo.exe
PID 3480 wrote to memory of 508	3480	neo.exe	neo.exe

C:\Users\Admin\AppData\Local\Temp\neo.exe
"C:\Users\Admin\AppData\Local\Temp\neo.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3480

C:\Users\Admin\AppData\Local\Temp\neo.exe
"C:\Users\Admin\AppData\Local\Temp\neo.exe"
2⤵
- Loads dropped DLL
PID:508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI34802\VCRUNTIME140.dll
Filesize
94KB

MD5
18049f6811fc0f94547189a9e104f5d2

SHA1
dc127fa1ff0aab71abd76b89fc4b849ad3cf43a6

SHA256
c865c3366a98431ec3a5959cb5ac3966081a43b82dfcd8bfefafe0146b1508db

SHA512
38fa01debdb8c5369b3be45b1384434acb09a6afe75a50a31b3f0babb7bc0550261a5376dd7e5beac74234ec1722967a33fc55335b1809c0b64db42f7e56cdf7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\_ctypes.pyd
Filesize
117KB

MD5
ef85694838f1a67daead7630564b4125

SHA1
d757453874c8a3a78ceb1efa14121c2292d7d093

SHA256
7940fdfefffbffc648fed5be68e5871f2509bd07b422fb1b40aafddbd11e7cb5

SHA512
200a4e8016c751d33a24cdaa26f9b4963377c2d0ab6e4b95812b808ee55325bd2e1b015eee19d8b092ef325a498f9e6c776bccf4782b98d416a5887a779c2543

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\_socket.pyd
Filesize
73KB

MD5
aaffa2ed93af9ccd712adcdc108d7c61

SHA1
f157c55f623c8b34b9cc290cc278cbc3d041422f

SHA256
cad49ce76d8db8cd9b608bcb7b138065e5d478bfc712b46c3f99cb7901ae9b82

SHA512
affc1baf569f6c98bd4f7465e344716bd37c1d4655f64ed9d6f678d26f12554c950e82c4c856eddcb78c92b910db4ece20e470f06fad2a260169a1292ed20a2c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\base_library.zip
Filesize
810KB

MD5
ba641a126772460f68dfc993b2de748c

SHA1
fffd57f11011575dce1eb5a471bca87a37a91b72

SHA256
62e353780e56a61fa61438a557a7f70edf7f44408b3420694aa355cc647eaa1a

SHA512
b882468163de9f7da3c8d126453eceb318f9c3e832ecae605ed5c00549a005049beae9e63682748db427362da7a66bd3cd4db172349d33b7a8f5188263310e3b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\libffi-7.dll
Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\python310.dll
Filesize
4.2MB

MD5
55a168d16ea25dc629501a10b23a886b

SHA1
1c58caa6eeb7c06acdd407fe5975861abad852e9

SHA256
379dc437c778bfa2a3afc7a9809195e998af22ccb4f3a1333a48ccb8e3ff0a22

SHA512
d2638310806afe9b0125410cd59106cfda0546f03c06510e08b6c79535ac830787f55c2784051c94a70205731f7411494a38f08eec8b1987f61b81b964a1bca5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI34802\select.pyd
Filesize
25KB

MD5
2fdf31d795650d1f47a2ec546f2e6ae7

SHA1
aeb5301381e17ca692d9c57747adbb30b6de52ac

SHA256
6734dbb37cf6821b3338a7eabc27e95632332a492cd577d3b6037b5c975ee445

SHA512
6c7d38ee16a35bd57279b39009c2b03f476062ebd46aac45824322256d42e93be27cf9df593d40b08c8e28962cf41e5a921ba9613052a737efe7153e712974a9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads