8092f8fde4dc9c32cdff0b92ddf9caf2f1e851beb82cceaa96f722ddd3ebc6ba | Triage

Sharing

General

Target

NEAS.9d5375c79401c8c68e7115dc8423d770.exe
Size

25KB
Sample

231101-gfp19abb6y
MD5

9d5375c79401c8c68e7115dc8423d770
SHA1

a55f2717bbc0816a8da34e7a995d72d22a191774
SHA256

8092f8fde4dc9c32cdff0b92ddf9caf2f1e851beb82cceaa96f722ddd3ebc6ba
SHA512

eb923705bace915c589a154de3bdbe5c29c8487b1a30594974c4c14cdfb95f5a2bfd6a80b9d6e2bdd3a9514863cb7dae8aa60c9cdb4fcbf0bbcbb4e51f602a8b
SSDEEP

384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvoWi:8Q3LotOPNSQVwVVxGKEvKHrVI

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  NEAS.9d5375c79401c8c68e7115dc8423d770.exe
- Size
  
  25KB
- MD5
  
  9d5375c79401c8c68e7115dc8423d770
- SHA1
  
  a55f2717bbc0816a8da34e7a995d72d22a191774
- SHA256
  
  8092f8fde4dc9c32cdff0b92ddf9caf2f1e851beb82cceaa96f722ddd3ebc6ba
- SHA512
  
  eb923705bace915c589a154de3bdbe5c29c8487b1a30594974c4c14cdfb95f5a2bfd6a80b9d6e2bdd3a9514863cb7dae8aa60c9cdb4fcbf0bbcbb4e51f602a8b
- SSDEEP
  
  384:qc0J+vqBoLotA8oPNIrxKRQSv7QrzVVvOytGxboE9K/mKHrjpjvoWi:8Q3LotOPNSQVwVVxGKEvKHrVI
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer