General

  • Target

    NEAS.ed26a38f0fadf13dc8079441ca3a7500.exe

  • Size

    614KB

  • Sample

    231022-v397lacc95

  • MD5

    ed26a38f0fadf13dc8079441ca3a7500

  • SHA1

    dec6a3e09e23db4f70a5bd51585ef86d4f77e30f

  • SHA256

    26fdb8a0087fc1f3a34306a4209f6887a3ccb68538fd83ac45fa9f34b88e6f63

  • SHA512

    3f74b4cc97fec586d9909b8ecca8384f259132d63aa9b54e55579e89ebada9ab2c89dcf1224cba4567c78e1e8392b92950733719b6b85b0ad7908426e92d301d

  • SSDEEP

    12288:xEQoS+qh70GZ/VEWg3OrUgcrFisv8jJc4hh5N6aoU2QvSH+n:xn7DeV3OQTrFis0jr3HoU2Qx

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
