49622d1be1fabbf967f39138bbbb2616b202f7535ca63e018343940f0fddcbca | Triage

Sharing

General

Target

NEAS.f215c6f1e265c4cda451e50a892592f0.exe
Size

323KB
Sample

231022-v4knbsag3v
MD5

f215c6f1e265c4cda451e50a892592f0
SHA1

a93483b0f23a6ff097eaf686cfb09b4080db57d4
SHA256

49622d1be1fabbf967f39138bbbb2616b202f7535ca63e018343940f0fddcbca
SHA512

0f2e0c4ff616eaf855d6bc9a07e1fa0d8d0424296a12921e4c1deca5b18e131a1cc3ab6aad554d9768bd1e5e1fb93ada515ba9d2bd1e8fea28819ab31ffb0a13
SSDEEP

6144:b0Z+QKmJchRcTHKd0nSrVDcVEOFMOv+UUjFQAaTYpIw6gj5FvVbT9LNuT8MxJnZx:byfOhR6fnSxDceOFMOv+VxQAaiI41PZU

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  NEAS.f215c6f1e265c4cda451e50a892592f0.exe
- Size
  
  323KB
- MD5
  
  f215c6f1e265c4cda451e50a892592f0
- SHA1
  
  a93483b0f23a6ff097eaf686cfb09b4080db57d4
- SHA256
  
  49622d1be1fabbf967f39138bbbb2616b202f7535ca63e018343940f0fddcbca
- SHA512
  
  0f2e0c4ff616eaf855d6bc9a07e1fa0d8d0424296a12921e4c1deca5b18e131a1cc3ab6aad554d9768bd1e5e1fb93ada515ba9d2bd1e8fea28819ab31ffb0a13
- SSDEEP
  
  6144:b0Z+QKmJchRcTHKd0nSrVDcVEOFMOv+UUjFQAaTYpIw6gj5FvVbT9LNuT8MxJnZx:byfOhR6fnSxDceOFMOv+VxQAaiI41PZU
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2