General

  • Target

    NEAS.f24e496aa6f6fde90f7e816c9ecf0fe0.exe

  • Size

    1.5MB

  • Sample

    231021-1gmr3abe6y

  • MD5

    f24e496aa6f6fde90f7e816c9ecf0fe0

  • SHA1

    15513bc83d43d56093103f120137de3d856c2495

  • SHA256

    1d684dd831198b2b9c4d8a77538edddc2150522f8bccd37c2b5ad71912553fb4

  • SHA512

    85c2b160624785bf03aaf715893df0f771ca5d52b276097b6d3adbe30191d77bd074055e86ad9ab04bea39a8a6c4a0a475595dccb0cf1b28c1f36401eeb988a0

  • SSDEEP

    24576:t2zEpb7n5xiNVKGRebwWHnBRsfe3DvG4dA8Tarnkfs5qnBpYyC4YO7MQ4zxz:QqHbiNVKGk8Igfge4ukE5UrX7MQaz

Targets

    • Target

      NEAS.f24e496aa6f6fde90f7e816c9ecf0fe0.exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
