General
Target

tmp/1b322dfd-7176-487c-a27e-c9d01b4eca26_1001.exe

Size

1MB

Sample

211228-frw39sddh6

Score
10/10
MD5

eb0cc50b9a99946a371324ba60e24ba0

SHA1

7a8d0f389c2b848923aefdfb5a6003195fecfc46

SHA256

0ee387071e3b12f2061d01dae97d410bd51e0b93335d57980f92678eafe564dc

SHA512

b3502d439d4e368db8b0fb52a6bbc54ad8d32832726c3540767f90ec0bfb94f3da8d22abab78b56923bd5486d9ee6eac9ad9bc31d1d50d8a8d8fa330e06d3efb

Targets
Target

tmp/1b322dfd-7176-487c-a27e-c9d01b4eca26_1001.exe

Signatures

  • Detect Neshta Payload

  • Modifies system executable filetype association

    TTPs

    Modify Registry, Change Default File Association
  • Neshta

    Description

    Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

MITRE ATT&CK Matrix

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Privilege Escalation

Tasks

static1

Score
N/A

behavioral1

Score
10/10

behavioral2

Score
10/10