General
-
Target
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
-
Size
6MB
-
Sample
211231-llh74sggd8
-
MD5
120e6c560c8582338b97bc1112703588
-
SHA1
4017ad3a595577f006273315a927764d6bf53941
-
SHA256
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
-
SHA512
92c7f20c9b9b4ab36a5bd189aa7dcf76d38b5c13b40be2c65b5fa7f865a0c7bfd196cc8f7437f0c7a36e135c74f42381e2572a9d4804e7b6cec1541fdc05929d
Malware Config
Targets
-
Target
aa49729965e546407fb7295d3ec68fd60ef327ce6c1047b71b0236de7925cb44
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
XMRig Miner Payload
-
Executes dropped EXE
-
MITRE ATT&CK Matrix
Collection: Data from Local System (1)
Command and Control
Credential Access: Credentials in Files (1)
Defense Evasion: Modify Registry (1)
Discovery: System Information Discovery (1)
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence: Change Default File Association (1)
Privilege Escalation