Extracted

• • Target

    NEAS.ff9d1d0a76dbd21db5cc2c8f61129d40_JC.exe

  • Size

    86KB

  • MD5

    ff9d1d0a76dbd21db5cc2c8f61129d40

  • SHA1

    4ada5cccda985ef0004a74a1fddf2d07698f428b

  • SHA256

    24d523b3c6e96b088a7c013135fa5b9af34c3f79c77d43f325712201f0ed76a3

  • SHA512

    a352a7dd0d2db36ef9fed8caa6fdc0ec860008997f64780fd191c316d8b9d2394dce363aee758532f727c1eea259b5c3b1055a1e1fe8ca183ac358a2fac82e84

  • SSDEEP

    1536:9+oPeJVqmC3m5Oj7neBlXMAG2Bc685t3NZxSwEKFKFhx:9+oP0EmC2genXMGU5t9Z0wEKFKFz

  Score

  10^/10

  phemedronespywarestealer

  • Phemedrone

    An information and wallet stealer written in C#.

    stealerphemedrone

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2