79e15ae2191e58cd633735a0d87261b718ea9268e8ef742943f10a9e3f3a0cf5 | Triage

Analysis

max time kernel
121s
max time network
151s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
22/10/2023, 17:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NEAS.48689829a3ea0d6df96596d0af53c5d0.exe
Size

874KB
MD5

48689829a3ea0d6df96596d0af53c5d0
SHA1

5c169d66512a0547cc4a3efe3467d63a0b74e33d
SHA256

79e15ae2191e58cd633735a0d87261b718ea9268e8ef742943f10a9e3f3a0cf5
SHA512

d7ea44200529bde7c8f66d9d2b2198c34ff2e134dd0750bd298b40213e7b8e92bc5a3f5d0c966ec929368930675f76431d3638a8537846bc044d7b497220f479
SSDEEP

12288:2duZG5T9HaajxNgSXab11IfnIqlGOrAeYnlXPgrcefVdBRBeslDv+yfgo:2dJZ96ajbgSXqXIqonYlo5fXYslDI

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\NEAS.48689829a3ea0d6df96596d0af53c5d0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.48689829a3ea0d6df96596d0af53c5d0.exe"
1⤵
PID:2708

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads