tmp/426d37ca-f57c-40ea-9546-3451dd6a793c_1010.exe

General
Target

tmp/426d37ca-f57c-40ea-9546-3451dd6a793c_1010.exe

Size

1MB

Sample

211228-fthzescadl

Score
10 /10
MD5

55ca0ab18dfc8936c797000b4b5ad050

SHA1

973533cf199bc915dded44365c753ad179f73e43

SHA256

443c3416cb3757851df457336409b478c624f9180ffb4c2a3289da8d69c1e770

SHA512

0bbf723577b94ff8a82b353d61d9e939e1359cc288dc99c2c794375d6dd39ee0585317da34d50db1ddf6d897e16d2232bcdce77fe165982699929a05ad5fa2a0

Malware Config
Targets
Target

tmp/426d37ca-f57c-40ea-9546-3451dd6a793c_1010.exe

MD5

55ca0ab18dfc8936c797000b4b5ad050

Filesize

1MB

Score
10/10
SHA1

973533cf199bc915dded44365c753ad179f73e43

SHA256

443c3416cb3757851df457336409b478c624f9180ffb4c2a3289da8d69c1e770

SHA512

0bbf723577b94ff8a82b353d61d9e939e1359cc288dc99c2c794375d6dd39ee0585317da34d50db1ddf6d897e16d2232bcdce77fe165982699929a05ad5fa2a0

Tags

Signatures

  • Detect Neshta Payload

  • Modifies system executable filetype association

    Tags

    TTPs

    Modify RegistryChange Default File Association
  • Neshta

    Description

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    Tags

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
    Execution
      Exfiltration
        Impact
          Initial Access
            Lateral Movement
              Privilege Escalation
                Tasks

                static1