neshta | afbae06f0ec7939e039a47b7579a98f269eca1be5625e7343267cf4bbb0d5709 | Triage

Submit
Reports

Overview

overview

Static

static

1

781932d5e3...72.exe

windows7_x64

781932d5e3...72.exe

windows10_x64

Sharing

General

Target

781932d5e3cf1b9e902ee2ea8c48f572
Size

234KB
Sample

211029-xe7gxadhe9
MD5

781932d5e3cf1b9e902ee2ea8c48f572
SHA1

70a244d771d7cfa61b2fa3d2a0ac386ea2bf0393
SHA256

afbae06f0ec7939e039a47b7579a98f269eca1be5625e7343267cf4bbb0d5709
SHA512

ba05f74a081a6e4fc12b4c00f388da141bdfa61074ecf379421cdcc72d6f546e6067e07877332e3456bf27a3b17d5549ade76b04cbf2de2753f39fbdf31082bc

Score

10^/10

neshta persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

781932d5e3cf1b9e902ee2ea8c48f572.exe

Resource

win7-en-20210920

neshta persistence spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

781932d5e3cf1b9e902ee2ea8c48f572.exe

Resource

win10-en-20210920

neshta persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  781932d5e3cf1b9e902ee2ea8c48f572
- Size
  
  234KB
- MD5
  
  781932d5e3cf1b9e902ee2ea8c48f572
- SHA1
  
  70a244d771d7cfa61b2fa3d2a0ac386ea2bf0393
- SHA256
  
  afbae06f0ec7939e039a47b7579a98f269eca1be5625e7343267cf4bbb0d5709
- SHA512
  
  ba05f74a081a6e4fc12b4c00f388da141bdfa61074ecf379421cdcc72d6f546e6067e07877332e3456bf27a3b17d5549ade76b04cbf2de2753f39fbdf31082bc
Score

10^/10

neshta persistence spyware stealer
- Detect Neshta Payload
- Modifies system executable filetype association
  persistence
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neshtapersistencespyware

behavioral2

neshtapersistencespywarestealer

© 2018-2024

Terms | Privacy