General
Target

tmp/25e4a379-87a3-4697-9bf3-405c7ea1233b_1013.exe

Size

971KB

Sample

211228-m32apadgc5

Score
10/10
MD5

0f09c21dda0c397d72e388d46f03e777

SHA1

44c93d3f5e021a2c736f3b29e94342c1404fa549

SHA256

6afc05e16f34327163a5576483ec7a3c56ba26c762648b9b9261901382af4a65

SHA512

5af85c92b890bd7973938e683fda4097d72d220d5a3ba14d95592ce07ba118d09597d7539e6e3f9ed92ada5d136a942bdec061e057fb155276d294cc913213c4

Malware Config
Targets
Target

tmp/25e4a379-87a3-4697-9bf3-405c7ea1233b_1013.exe

MD5

0f09c21dda0c397d72e388d46f03e777

Filesize

971KB

Score
10/10
SHA1

44c93d3f5e021a2c736f3b29e94342c1404fa549

SHA256

6afc05e16f34327163a5576483ec7a3c56ba26c762648b9b9261901382af4a65

SHA512

5af85c92b890bd7973938e683fda4097d72d220d5a3ba14d95592ce07ba118d09597d7539e6e3f9ed92ada5d136a942bdec061e057fb155276d294cc913213c4

Tags

Signatures

  • Detect Neshta Payload

  • Modifies system executable filetype association

    Tags

    TTPs

    Modify RegistryChange Default File Association
  • Neshta

    Description

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    Tags

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
    Execution
      Exfiltration
        Impact
          Initial Access
            Lateral Movement
              Privilege Escalation
                Tasks

                static1

                Score
                10/10

                behavioral1

                Score
                10/10

                behavioral2

                Score
                10/10