General

  • Target

    javaws.exe

  • Size

    303KB

  • Sample

    211129-yl9fhscfdk

  • MD5

    8d21b5e686911bc88b358c70adcd4ec4

  • SHA1

    39cc73af630e018d4217cc3b3078b5bbc1ae2188

  • SHA256

    78078dc82553a46a10e78304b329b217ddcba442632f394033016cff9edbb16b

  • SHA512

    c8d531b1d728892cc7a06300e6e727a55478539019327f5b131a7d08165c87417c91b5d4e44163cf8a1f6bbb46b2059c9eaf7a877dadddffcc48f92c79ec3408

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
