General

  • Target

    76f97fc2ef366a2c96900d49c974ad30_NEAS

  • Size

    89KB

  • Sample

    240507-pj4b2sfe4z

  • MD5

    76f97fc2ef366a2c96900d49c974ad30

  • SHA1

    aa2eaa4646ff17ec847ab4c84e3cd7fe1e00d8ff

  • SHA256

    ff28e249edb4edca58730de285c9aa5eb8697f5043d0a7e0198bb4d47c17a954

  • SHA512

    4a00ed05b6a4e1383a701eabe521956818792dec0847d445009e8b956bc4c3e445d2474ef05b5fd755f7a9c0d2eeb324461716bfc6698674b6f8b8bc5129eeba

  • SSDEEP

    1536:XHXqO6ZG03eyenOj9lgA/PObuTMT5NMCfL7ojaZf5aZlBlGy5:M1uF6Feu2NlQOBcGk

Malware Config

Targets

    • Target

      76f97fc2ef366a2c96900d49c974ad30_NEAS

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks