General

  • Target

    NEAS.76f50a19ce4e2b11ab0173c8e41c5ae0.exe

  • Size

    124KB

  • Sample

    231106-dra5page9x

  • MD5

    76f50a19ce4e2b11ab0173c8e41c5ae0

  • SHA1

    635a621fdbba5b9919f4efa0b345bb9fb827c9de

  • SHA256

    42879c5becde13286bc051146fab9cdeea9bf2691eed2e4f22376a51542a29b7

  • SHA512

    743622da16bdd1ec9d46f240c7c730c251707e721cc5cbc28cc09a99c388339eac5be62146d775668d055274d459c56de836e49ae07e64096d44f8985e711826

  • SSDEEP

    3072:MU+W+qNo3e9Sy/9sWWWjG7PLFs2Woz6m0G:L+WJ9SSlGrLFs2R

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
