Overview

overview

10

Static

static

tmp/6065149a-4...17.exe

windows7_x64

10

tmp/6065149a-4...17.exe

windows10_x64

10
General
Target

tmp/6065149a-4e5b-4b4f-a1e4-095f1751bf4e_1017.exe

Size

855KB

Sample

211229-m31ddsdchj

Score
10/10
MD5

521447b36c3c0b8c123e149e9aee2eb3

SHA1

de9cfbd7807bcfef61790670b4e94f2c8d352ac9

SHA256

02323ad7d39bea5d5e736d6a66e31840542cf2c75f265b46b501ed2452cef2ce

SHA512

cc411a82c357916cd6e6fb52d34ded67c95fe4657da6a07ab3770cb11d601c8dfa28ffe0b10c66962851c22d582e789ad8334af93c5f1fa0df0a3905e571a69b

Malware Config
Targets
Target

tmp/6065149a-4e5b-4b4f-a1e4-095f1751bf4e_1017.exe

MD5

521447b36c3c0b8c123e149e9aee2eb3

Filesize

855KB

Score
10/10
SHA1

de9cfbd7807bcfef61790670b4e94f2c8d352ac9

SHA256

02323ad7d39bea5d5e736d6a66e31840542cf2c75f265b46b501ed2452cef2ce

SHA512

cc411a82c357916cd6e6fb52d34ded67c95fe4657da6a07ab3770cb11d601c8dfa28ffe0b10c66962851c22d582e789ad8334af93c5f1fa0df0a3905e571a69b

Tags

Signatures

  • Detect Neshta Payload

  • Modifies system executable filetype association

    Tags

    TTPs

    Modify RegistryChange Default File Association

  • Neshta

    Description

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    Tags

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files

Related Tasks

behavioral1behavioral2
MITRE ATT&CK Matrix
Collection
Command and Control
    Credential Access
    Defense Evasion
    Discovery
    Execution
      Exfiltration
        Impact
          Initial Access
            Lateral Movement
              Persistence
              Privilege Escalation
                Tasks

                static1

                Score
                N/A

                behavioral1

                Score
                10/10

                behavioral2

                Score
                10/10