14e9ad05d44cea49e8dbe8bd60660398dc9ad483c5402ddd64c643d7a1e91c82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.052b6b42ac27902710613c0ce85b6a00.exe
Size

1.6MB
Sample

231022-t92ncsag91
MD5

052b6b42ac27902710613c0ce85b6a00
SHA1

4d24b9e6d6fc49753b33615b667115bca1da0160
SHA256

14e9ad05d44cea49e8dbe8bd60660398dc9ad483c5402ddd64c643d7a1e91c82
SHA512

9036c03d3f7fcfcc554e4bebc929b2fb320c0cfbfd175d190b0daf6588952c38e138a76b2547d4c2b69402c0ee29bf9ab9f5768610e217c1612c173293bb7199
SSDEEP

24576:5MhE2nhs2Gc6MFpWGz6ljUFjwhQNSLvqhNDUqyWav6e5qKocIlUFvoXDYaaGd:ShPoGsQFjwhWZhYJv6e5TPBuTl

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.052b6b42ac27902710613c0ce85b6a00.exe
- Size
  
  1.6MB
- MD5
  
  052b6b42ac27902710613c0ce85b6a00
- SHA1
  
  4d24b9e6d6fc49753b33615b667115bca1da0160
- SHA256
  
  14e9ad05d44cea49e8dbe8bd60660398dc9ad483c5402ddd64c643d7a1e91c82
- SHA512
  
  9036c03d3f7fcfcc554e4bebc929b2fb320c0cfbfd175d190b0daf6588952c38e138a76b2547d4c2b69402c0ee29bf9ab9f5768610e217c1612c173293bb7199
- SSDEEP
  
  24576:5MhE2nhs2Gc6MFpWGz6ljUFjwhQNSLvqhNDUqyWav6e5qKocIlUFvoXDYaaGd:ShPoGsQFjwhWZhYJv6e5TPBuTl
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2