Overview

overview

10

Static

static

1

8d97ea0aeb...90.exe

windows7_x64

7

8d97ea0aeb...90.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d97ea0aeb6dbb5bfe61a2a45809dd90

  • Size

    234KB

  • Sample

    211029-xlxlaaafaj

  • MD5

    8d97ea0aeb6dbb5bfe61a2a45809dd90

  • SHA1

    c2abdfefadc76b9f78b500f5b3aba9321a5d42e1

  • SHA256

    8397681fb127b7050397870b95f23d310f2e62ee5c2e3a7410d2daeec99e9e06

  • SHA512

    b199abfc0abe5f46873ceaccd287e973a6285d40caeb9320f126bfdc081f4bbd8dc706a2a2ca74a305fd5666772db877cb6bc1ea35448585941b1f191405779e

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      8d97ea0aeb6dbb5bfe61a2a45809dd90

    • Size

      234KB

    • MD5

      8d97ea0aeb6dbb5bfe61a2a45809dd90

    • SHA1

      c2abdfefadc76b9f78b500f5b3aba9321a5d42e1

    • SHA256

      8397681fb127b7050397870b95f23d310f2e62ee5c2e3a7410d2daeec99e9e06

    • SHA512

      b199abfc0abe5f46873ceaccd287e973a6285d40caeb9320f126bfdc081f4bbd8dc706a2a2ca74a305fd5666772db877cb6bc1ea35448585941b1f191405779e

    Score
    10/10
    neshtapersistencespywarestealer

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks