General
-
Target
NEAS.9b41e6d55dc0151c843a30d4010fc3d0.exe
-
Size
70KB
-
Sample
231104-qd545aac2y
-
MD5
9b41e6d55dc0151c843a30d4010fc3d0
-
SHA1
ba18ace1459ebec4bfdadf2a7b02d30ec7e971cd
-
SHA256
39ea763c8b6b899b73c8f75fcb20ce0f1f78d8c52fa183da222afa4e428e88d1
-
SHA512
308993066fd5752f60276c8f99975426e81411c8f808e983fe48a1820f92173c2b3ea0e16cd3727b4fc8930b10233ef86f5c7b19e6a51638ad466d64ae83aa89
-
SSDEEP
1536:9q5VwWDjDkdTRqHFOn8tIbbeYiuZIFS9b1YTjipvF2a:9q5ud9qHFO8Kf3rIIb1YvQd2a
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.9b41e6d55dc0151c843a30d4010fc3d0.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.9b41e6d55dc0151c843a30d4010fc3d0.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.9b41e6d55dc0151c843a30d4010fc3d0.exe
-
Score
8/10
-
Drops file in Drivers directory
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-