General

  • Target

    NEAS.1f84bfd518bd1e6e2fc7b44103ae1561.exe

  • Size

    136KB

  • Sample

    231031-kjvbxshf8t

  • MD5

    1f84bfd518bd1e6e2fc7b44103ae1561

  • SHA1

    379e980cd31ed3fab81e7c8bc0cdf6103274626f

  • SHA256

    7e39581432c2f1eb78da558dedcfb6764dcbb7455bae90fd374d35276fafb7a8

  • SHA512

    9540b33460e1ad219155d526ea91fecebd2b427e70a7ae8449ba13ecf8d8eeaa94767308deba91300873fb042fc7cd9f8d272389804e447be5a0904121b424a0

  • SSDEEP

    3072:HbRBxl5NBkrmK6xI2NvGcSX+apb4yzjRbaA:nxl5NSzcvwXBzN/

Score
8/10

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
