SHA256
b478f1b81364b8498b6ee8779593f2e2b41fa987261abf359c2e1daefbb7a2b4
Size
208KB
ID
220122-bbfn5afgh4
MD5
efa3b342a50f336062d2bd7f06103965
SHA1
d2cd5c11dfcec8b8d642b53a7fe8203dcae09bd6
SHA512
477fbc42737960b986557901f93054b1bfbc2d049fbd36294d83b880c6d3cc033a3c0fa94953359fedf8e068be14ad6fb1aca76870c6e7c776e056c321c751d7
Signatures
- Modifies system executable filetype association
- Neshta
Description
Malware from the Neshta family is designed to infect itself into other files to spread itself and cause damage.
- Drops file in Drivers directory
- Executes dropped EXE
- UPX packed file
Description
Detects executables packed with UPX/modified UPX open source packer.
- Loads dropped DLL
- Reads user/profile data of web browsers
Description
Infostealers often target stored browser data, which can include saved credentials etc.
- Adds Run key to start application
- Suspicious use of SetThreadContext