999b9b70d5078d72d6b018824ad58e53dd6703c1bd9fa9bc0a6ec46724450161 | Triage

Sharing

General

Target

NEAS.10b81265235cb48dbabf45d482c52630.exe
Size

8.0MB
Sample

231116-z2sclsgg8z
MD5

10b81265235cb48dbabf45d482c52630
SHA1

fd406b2bff9ac4abd36e1ba6ee366cf4575ee068
SHA256

999b9b70d5078d72d6b018824ad58e53dd6703c1bd9fa9bc0a6ec46724450161
SHA512

1d004444819bef2584d16c3bd1841cf4c86085c7e4649932cd5b4087f13725c7e9dd432fbc1b1419b2ece0515254a742b55957cf6c549f170002ec16531dcb69
SSDEEP

196608:NoMl8D1jXgPo2S9+ULdNPtbuPZOOmnqogHh/p3k:kmw2SlLdNPt6ROOmqZn3k

Score

8^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  NEAS.10b81265235cb48dbabf45d482c52630.exe
- Size
  
  8.0MB
- MD5
  
  10b81265235cb48dbabf45d482c52630
- SHA1
  
  fd406b2bff9ac4abd36e1ba6ee366cf4575ee068
- SHA256
  
  999b9b70d5078d72d6b018824ad58e53dd6703c1bd9fa9bc0a6ec46724450161
- SHA512
  
  1d004444819bef2584d16c3bd1841cf4c86085c7e4649932cd5b4087f13725c7e9dd432fbc1b1419b2ece0515254a742b55957cf6c549f170002ec16531dcb69
- SSDEEP
  
  196608:NoMl8D1jXgPo2S9+ULdNPtbuPZOOmnqogHh/p3k:kmw2SlLdNPt6ROOmqZn3k
Score

8^/10

persistence spyware stealer
- Drops file in Drivers directory
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2