neshta | 5f6ddf82a669dc9eb8f67d740cf40836f4618fdf396c1daaff74cb305b8a89a9 | Triage

Submit
Reports

Overview

overview

Static

static

1

PI JFMY-PS211130.exe

windows7_x64

PI JFMY-PS211130.exe

windows10_x64

Sharing

General

Target

PI JFMY-PS211130.exe
Size

349KB
Sample

211207-lbl61sbdg8
MD5

7cff5cadc7bf962189c95658af8a88e4
SHA1

e128aa88dcf9d1278405060f7f6404af16edcba1
SHA256

5f6ddf82a669dc9eb8f67d740cf40836f4618fdf396c1daaff74cb305b8a89a9
SHA512

6fdbecd32d1fd33e4f309c21b5cb1a1be7b0f45dda1412e9382e9793c070c849303e77ca811605b9f20918f3c596ede8c1064e6a791584c515d8d4589a0b1238

Score

10^/10

neshta persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

PI JFMY-PS211130.exe

Resource

win7-en-20211014

neshta persistence spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PI JFMY-PS211130.exe

Resource

win10-en-20211104

neshta persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PI JFMY-PS211130.exe
- Size
  
  349KB
- MD5
  
  7cff5cadc7bf962189c95658af8a88e4
- SHA1
  
  e128aa88dcf9d1278405060f7f6404af16edcba1
- SHA256
  
  5f6ddf82a669dc9eb8f67d740cf40836f4618fdf396c1daaff74cb305b8a89a9
- SHA512
  
  6fdbecd32d1fd33e4f309c21b5cb1a1be7b0f45dda1412e9382e9793c070c849303e77ca811605b9f20918f3c596ede8c1064e6a791584c515d8d4589a0b1238
Score

10^/10

neshta persistence spyware stealer
- Detect Neshta Payload
- Modifies system executable filetype association
  persistence
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

neshtapersistencespyware

behavioral2

neshtapersistencespywarestealer

© 2018-2024

Terms | Privacy