310bedbba09566b7c6cbbcd945173229ace30d35c27289f7b12c6f1d64f8e2e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5b8da1a8856af709276f4310ecf226d0.exe
Size

614KB
Sample

231014-wh41hsah4s
MD5

5b8da1a8856af709276f4310ecf226d0
SHA1

793c97a43970b2be2bd350a46b4a28eabe494af1
SHA256

310bedbba09566b7c6cbbcd945173229ace30d35c27289f7b12c6f1d64f8e2e4
SHA512

e114d2854fb73e66e8d8d9a60b484e10edd4e8ec486d70e371fb9607cec6d315dfa841a153092a19a9e115edc043ae478c9679d03124419d38fa7f7c21a49539
SSDEEP

12288:rXuG1T0elw03WKwJs8yv0PtZn7gTSWTpQzMeqvmrexkknxQzBIp:rXu2nlw6WJyyRKTZuSxlx8

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.5b8da1a8856af709276f4310ecf226d0.exe
- Size
  
  614KB
- MD5
  
  5b8da1a8856af709276f4310ecf226d0
- SHA1
  
  793c97a43970b2be2bd350a46b4a28eabe494af1
- SHA256
  
  310bedbba09566b7c6cbbcd945173229ace30d35c27289f7b12c6f1d64f8e2e4
- SHA512
  
  e114d2854fb73e66e8d8d9a60b484e10edd4e8ec486d70e371fb9607cec6d315dfa841a153092a19a9e115edc043ae478c9679d03124419d38fa7f7c21a49539
- SSDEEP
  
  12288:rXuG1T0elw03WKwJs8yv0PtZn7gTSWTpQzMeqvmrexkknxQzBIp:rXu2nlw6WJyyRKTZuSxlx8
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2