0694d3cb7198dd2aedaafe5288e984374a4ee8100a8fc49861436ff614e9d9f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0e933c1e16d7c4336b6af2e254d1b890_JC.exe
Size

1.8MB
Sample

231013-wt7ksacg91
MD5

0e933c1e16d7c4336b6af2e254d1b890
SHA1

f8c47fdb1e9f9336296e61d284ca733c892e8eb0
SHA256

0694d3cb7198dd2aedaafe5288e984374a4ee8100a8fc49861436ff614e9d9f3
SHA512

32f3c1daa7609afc5063f660dc876a2e38c692802a1c0b37cdc3a3cb55f7132ae9fd4008f18369b78a7a3a1d25a1b2d85fa32b88357b48b70cf476ac1a821002
SSDEEP

49152:wJSvSZhqdNhmK5RqdYVyLtabMd2kOyVLrC2Z/6IqR2D:wJDdmhk36Is2

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.0e933c1e16d7c4336b6af2e254d1b890_JC.exe
- Size
  
  1.8MB
- MD5
  
  0e933c1e16d7c4336b6af2e254d1b890
- SHA1
  
  f8c47fdb1e9f9336296e61d284ca733c892e8eb0
- SHA256
  
  0694d3cb7198dd2aedaafe5288e984374a4ee8100a8fc49861436ff614e9d9f3
- SHA512
  
  32f3c1daa7609afc5063f660dc876a2e38c692802a1c0b37cdc3a3cb55f7132ae9fd4008f18369b78a7a3a1d25a1b2d85fa32b88357b48b70cf476ac1a821002
- SSDEEP
  
  49152:wJSvSZhqdNhmK5RqdYVyLtabMd2kOyVLrC2Z/6IqR2D:wJDdmhk36Is2
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2