General

  • Target

    NEAS.6d61a51a0012377e9fa37ea87f4bcc90_JC.exe

  • Size

    1.5MB

  • Sample

    231101-nnwmbshf58

  • MD5

    6d61a51a0012377e9fa37ea87f4bcc90

  • SHA1

    c1a6df309b3a228d14a4f916aeb46bc237a62150

  • SHA256

    c222170b04d6a3c56cd095bb5990880ed28fd343ef6f341442a670230b4af081

  • SHA512

    863a2fa72d8e5b48d98ca69d7324ee3196c93a6e94d387327dfe00b07deec0ef0e31ab0749afff76e35060c947511fde5b2e660e499798ff61d6be581015a2b9

  • SSDEEP

    24576:lq8yVvb+bonxCKv0ihabY3QAVCaE8onlYM6RBJtCEAmJ7Ar6hDqWBaFp6Emr9rR:fbKKeabY3QAVCa8lYfVAmC3DFp6hr1R

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
