Overview

overview

10

Static

static

1

vbc.bin.exe

windows7_x64

10

vbc.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vbc.bin.zip

  • Size

    221KB

  • Sample

    211029-qjrtpadch9

  • MD5

    8fb6bc5675ae219d908efeef4de8d836

  • SHA1

    07d6d7aa5b07d7f728c52aebbe0aa3b6b5b37888

  • SHA256

    55d726f18ff6c6a006fa861edd7b8a7cba7534d2900daffed6c04714c54f4bb1

  • SHA512

    c33f7fa67317fc6bf2eaf75d8b7368071b0e59b0bb6cd6eb54a913d294c9f32755f17fa2a8381eeee8b3d8ebe06fc342c44befcd4e6aa8837daa57a62c5abc5f

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      vbc.bin

    • Size

      234KB

    • MD5

      781932d5e3cf1b9e902ee2ea8c48f572

    • SHA1

      70a244d771d7cfa61b2fa3d2a0ac386ea2bf0393

    • SHA256

      afbae06f0ec7939e039a47b7579a98f269eca1be5625e7343267cf4bbb0d5709

    • SHA512

      ba05f74a081a6e4fc12b4c00f388da141bdfa61074ecf379421cdcc72d6f546e6067e07877332e3456bf27a3b17d5549ade76b04cbf2de2753f39fbdf31082bc

    Score
    10/10
    neshtapersistencespywarestealer

    • Detect Neshta Payload

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks