General
Target
Size
Sample
tmp/a1662be5-74e9-4a9b-9662-ca7666ba82c8_1002.exe
2MB
211228-frs2lscacq
Score
10/10
MD5
SHA1
SHA256
SHA512
b99e52186d2c0f482592184c034a5b42
4b3148537c594400283cdbcbb01cad18887cd745
3ae96468f8fd491e673fd862d5926da87b33cea066038910b29ed3d493f5e9f3
e3df8ba7327e2cd0d0fe064ac2ff95b7ff2a34aa2cf39f2822973827bc06205b8fb2b1246bbce9393ffcfa3e8545634d10a6256feea20b8341a9be5be6d7bf34
Malware Config
Targets
Target
MD5
Filesize
tmp/a1662be5-74e9-4a9b-9662-ca7666ba82c8_1002.exe
b99e52186d2c0f482592184c034a5b42
2MB
Score
10/10
SHA1
SHA256
SHA512
4b3148537c594400283cdbcbb01cad18887cd745
3ae96468f8fd491e673fd862d5926da87b33cea066038910b29ed3d493f5e9f3
e3df8ba7327e2cd0d0fe064ac2ff95b7ff2a34aa2cf39f2822973827bc06205b8fb2b1246bbce9393ffcfa3e8545634d10a6256feea20b8341a9be5be6d7bf34
Tags
Signatures
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Description
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
Tags
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Description
Infostealers often target stored browser data, which can include saved credentials etc.
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks
static1
Score
N/A
behavioral1
Score
10/10
behavioral2
Score
10/10