General

  • Target

    NEAS.ada995ee3551798489603cdd8bf22e20.exe

  • Size

    3.4MB

  • Sample

    231016-w63scsbb99

  • MD5

    ada995ee3551798489603cdd8bf22e20

  • SHA1

    cdfbba9cd93403ea6e90d60d4df68de5de436960

  • SHA256

    9f474307bbd751e2a92e8c24cbc6eac23b651ecc005ffa4916300ca2363d52fa

  • SHA512

    cf492b7c784c67fe7619d6bf7a79695ef26362046402bd553d1e6fd398232a6f5d6ef2085165b97972191484ed2db734801d30ce01a6244775cfee1781e551a2

  • SSDEEP

    98304:zFFiN6dcSNqZsLz4uahD20nTCuP5aq7KeIx1Sk:PGwqZsL8uaHTore3k

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
