General

  • Target

    NEAS.17ea9dd25f0ae1028d57f76fa2411300.exe

  • Size

    436KB

  • Sample

    231028-wm93bsdh3z

  • MD5

    17ea9dd25f0ae1028d57f76fa2411300

  • SHA1

    70681877397cf83c80802b1789994c19f597fa6e

  • SHA256

    bc3e878f086898a091adf60f4eb1d23a8cfeb37af2fd23077ae8ed6a9fac3a72

  • SHA512

    f0f5b84d9d6006ac2ffcef3c330c57656533c2051bc3a744b0e1dd1f09479a6b81caf87978e0cc663eb3c1a430a9ce3a64f426055ea2b80313ca61baaa4fb3e1

  • SSDEEP

    12288:lXa8sYcD17x2W2XHRXn8vhgKhkdvfThOiNbCNDxo:lq8jcpFRaRmmKhkXsNDxo

Targets

    • Target

      NEAS.17ea9dd25f0ae1028d57f76fa2411300.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials and other sensitive user data.

    • Adds Run key to start application

      Entries under a registry Run key are executed at user logon, a common persistence mechanism.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
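
A host-triage script that hunts for two of the behaviours flagged above (a Run key added for persistence, a file dropped in System32) and matches any executable it finds against the report's SHA256. This is an added example, not part of the sandbox report or its tooling. The Run/RunOnce key paths are the standard Windows locations; the lookback window, the list of user-writable path fragments and the requirement of local administrator rights are assumptions.

```powershell
# Added example, not part of the sandbox report. Hunts a Windows host for the
# Run-key persistence and System32 file drop the report flags, and matches any
# executable found against the report's SHA256.
# Assumptions: run as local administrator, PowerShell 5.1 or later,
# $LookbackHours is a sensible window for this host.

$ReportSha256  = 'bc3e878f086898a091adf60f4eb1d23a8cfeb37af2fd23077ae8ed6a9fac3a72'
$LookbackHours = 24   # assumption: how far back to look for new files in System32

# Standard autostart locations checked by the "Adds Run key" signature
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Path fragments that indicate a user-writable launch location (assumption)
$UserWritablePattern = '\\(AppData|Users\\Public|Temp|ProgramData)\\'

# Pull the executable path out of a Run value, which may be quoted and may
# carry arguments, e.g.  "C:\Users\x\AppData\Roaming\app.exe" /silent
function Get-ExePathFromCommand {
    param([string]$Command)
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(\S+)')     { return $Matches[1] }
    return $null
}

# True when the file at $Path hashes to the SHA256 published in the report
function Test-ReportHash {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $false }
    $h = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    return $h.ToLower() -eq $ReportSha256
}

Write-Host '== Run / RunOnce entries =='
foreach ($key in $RunKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -like 'PS*') { continue }   # skip the provider's own metadata
        $exe  = Get-ExePathFromCommand $p.Value
        $ioc  = if ($exe -and (Test-ReportHash $exe)) { 'MATCHES REPORT SHA256' } else { '' }
        $flag = if ($exe -and ($exe -match $UserWritablePattern)) { '[user-writable path] ' } else { '' }
        '{0}\{1} -> {2} {3}{4}' -f $key, $p.Name, $p.Value, $flag, $ioc
    }
}

Write-Host "== Files created in System32 in the last $LookbackHours h =="
$since = (Get-Date).AddHours(-$LookbackHours)
Get-ChildItem -Path "$env:SystemRoot\System32" -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -gt $since } |
    ForEach-Object {
        $ioc = if (Test-ReportHash $_.FullName) { 'MATCHES REPORT SHA256' } else { '' }
        '{0}  created {1}  {2}' -f $_.FullName, $_.CreationTime, $ioc
    }
```

Run it from an elevated PowerShell session on the suspect host. A Run entry launching from a user-writable directory is flagged even when its hash does not match, since a repacked build of the same family will not share the SHA256 listed here; the SSDEEP digest above is the better pivot for near-duplicates.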
