General

  • Target

    NEAS.160dcc4b4bb1f74c910e2ee8587a6d80.exe

  • Size

    1.5MB

  • Sample

    231021-z3bfgsba9s

  • MD5

    160dcc4b4bb1f74c910e2ee8587a6d80

  • SHA1

    6e1defc6409b8260ce1f6eaba5c5c7c38cd550b5

  • SHA256

    fb1cadc75fcecb313cb021b2a34632a581570ac1ce7d4bf5f808330e06e77d4f

  • SHA512

    2dcf130a392ce27629b82bfa5cbf6bf1528ebd193a038e8aa3ff50334b18f5651d89e4b5a6897e868b3f5d7cb5f9c6bda4ffbd35035854ea4c37a6f4d834ff54

  • SSDEEP

    24576:oWaZhdIQeMYYesRAn+1QU0+lZxCNjbuxFXT3nlGHmwpguZxl/I:Va3uQeMlVMU1PiG3noLgu3l/I

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks