General

  • Target

    NEAS.75aff5bd6d678fab7728a89176d2d1d0.exe

  • Size

    198KB

  • Sample

    231101-fee9zscf66

  • MD5

    75aff5bd6d678fab7728a89176d2d1d0

  • SHA1

    23e463153413f37129c2665b554bcf4bdbdd1c86

  • SHA256

    e4b7af4a23bf616896d16cb2d68b73701fe2b3826a5471b0c234dda09f30e398

  • SHA512

    2fcaf6895f35833a04653ff8bcde2bdccb7d8ddd4c9a666b62ceb1b277104a50ddb1c432235978be12b106e7e0f31b0f6bf7f193bf1539adca2fb44f8b31b251

  • SSDEEP

    3072:5U+W+qNo3e9Sy/9sWWWjG7PL7KD333CLP3ZYkBfffAVpE/222MsKjhppt:G+WJ9SSlGrL7K+LP+AfffAVpEzppt

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks