25871bf8a488d6b5d30604bdb65a6f9b37dccf7914ec7ed7172214dde6db89b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6b1d60aa99642cc2ec8f135045b02060.exe
Size

582KB
Sample

231021-z76gesea4w
MD5

6b1d60aa99642cc2ec8f135045b02060
SHA1

9e1a0d02469b47f3478afe160d3d1c4b17d00128
SHA256

25871bf8a488d6b5d30604bdb65a6f9b37dccf7914ec7ed7172214dde6db89b7
SHA512

a56fede25faa21a180db5ac097265dac144f2deb99395ff353c56eba1e24ca085dfb40d6123aec118ac52ecd61c155098066ee20d51c81d79ce8a6b432221ef4
SSDEEP

12288:wRCwxW0udWTRW8fdeAISKGKHgshux0wJmWsx6:NwxbuETRW8fdeAIS6AsLwJm1

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.6b1d60aa99642cc2ec8f135045b02060.exe
- Size
  
  582KB
- MD5
  
  6b1d60aa99642cc2ec8f135045b02060
- SHA1
  
  9e1a0d02469b47f3478afe160d3d1c4b17d00128
- SHA256
  
  25871bf8a488d6b5d30604bdb65a6f9b37dccf7914ec7ed7172214dde6db89b7
- SHA512
  
  a56fede25faa21a180db5ac097265dac144f2deb99395ff353c56eba1e24ca085dfb40d6123aec118ac52ecd61c155098066ee20d51c81d79ce8a6b432221ef4
- SSDEEP
  
  12288:wRCwxW0udWTRW8fdeAISKGKHgshux0wJmWsx6:NwxbuETRW8fdeAIS6AsLwJm1
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2