General
-
Target
NEAS.89122b9f45a936db9a61ed67eaaf6750.exe
-
Size
119KB
-
Sample
231022-vx6l8agf76
-
MD5
89122b9f45a936db9a61ed67eaaf6750
-
SHA1
10a02680d4338e0f7b430ef9db1689c2748726e7
-
SHA256
c143ab18796427519d04022439c0156eb104695c0501c969a64ba886a0438e51
-
SHA512
9ae04950b3a157e2ef2f2be231c5f52563742c5b441740a5ec56cde57aae0cd85366472aec6e4de90f21894ab16f9cbcb47134dcdd18e45234c1dede9d9ec2d9
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Malware Config
Targets
-
-
Target
NEAS.89122b9f45a936db9a61ed67eaaf6750.exe
-
Size
119KB
-
MD5
89122b9f45a936db9a61ed67eaaf6750
-
SHA1
10a02680d4338e0f7b430ef9db1689c2748726e7
-
SHA256
c143ab18796427519d04022439c0156eb104695c0501c969a64ba886a0438e51
-
SHA512
9ae04950b3a157e2ef2f2be231c5f52563742c5b441740a5ec56cde57aae0cd85366472aec6e4de90f21894ab16f9cbcb47134dcdd18e45234c1dede9d9ec2d9
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Score8/10-
Drops file in Drivers directory
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-