General
Target

tmp/ed3d8bdf-c1c7-4e1c-a9fe-2c6c900ca8d0_1011.exe

Size

931KB

Sample

211228-fpw1gscacn

Score
10/10
MD5

942547df7e44b3c70624e386da271b24

SHA1

a212daed6bfe9eb149369c1805e563bbed2be27f

SHA256

7043eb9c377c2a90b3f71b4ac4a8ddd9432f59e375112452c3f2294ee9fa40b7

SHA512

7b1ec6b3789b96570b53b870c78daa6fb586caf7f6e5c88ee62301c073108939b5952a75aca895832e3b83f2a3fe248f21b062e619d50f9b00e9e3e64731f0f8

Malware Config
Targets
Target

tmp/ed3d8bdf-c1c7-4e1c-a9fe-2c6c900ca8d0_1011.exe

Signatures

  • Detect Neshta Payload

  • Modifies system executable filetype association

    TTPs

    Modify Registry, Change Default File Association
  • Neshta

    Description

    Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

MITRE ATT&CK Matrix

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Privilege Escalation

Tasks

static1

Score
N/A

behavioral1

Score
10/10

behavioral2

Score
10/10