General

  • Target

    DUE SOA.zip

  • Size

    516KB

  • Sample

    211029-afqt8acda8

  • MD5

    2ec901ac7f5984e54e49d4c11c84e710

  • SHA1

    b376f088b18f255bf65d2d6db1b112d326844c4c

  • SHA256

    09c2a61315b358eaf024976ed358b626664ee0f2d8bd1e4de89d82656b73484e

  • SHA512

    8aa6ca19ffb5a8ccbae0e823245fd05d7f048efc97531b32fabdc8ac0bafe2284b44db967f4bf9a9b654f7195f07e1be3718e4ba53c2c880e7474c502d2276ed

Malware Config

Targets

    • Target

      DUE SOA.exe

    • Size

      614KB

    • MD5

      e6839a4ad6eb043bd41052740c27e1f9

    • SHA1

      a03ab63f5c070980be362d3b98bdd55f2574c228

    • SHA256

      16cb5498c592fb2a32fa882aa0996591f067d77c50eedf69cda4d04ef93cab83

    • SHA512

      2524dc118ccbaf7c5bdd462d460e15e7eafeab3cd5a67fdde591fccb5a8a1c6394e3cdec17e9c8fd2a1a9e1861792ce86f1f5c42a2d8f197a278b075559aa19e

    • Detect Neshta Payload

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is a file infector: it writes itself into other executable files so that launching them spreads the infection and causes further damage.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill information.

MITRE ATT&CK Enterprise v6

Tasks