neshta | 756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa | Triage

Submit
Reports

Overview

overview

Static

static

756c666346...fa.exe

windows7_x64

756c666346...fa.exe

windows10-2004_x64

1

Sharing

General

Target

756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa
Size

1.5MB
Sample

220524-sapdbafcc6
MD5

bac41ffb03bee5127674cd89c64cd8ce
SHA1

d20e01540d8c9c2680139fe4994e30a4a2f00869
SHA256

756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa
SHA512

1406bc016bef8a934ee176389b8cd1ffa8a90a475bd0695549b3c2cfbd29451676cf370f21215b6d09c720bf9410edb46f9f3ca60a49c6de3a18a75a3eb33619

Score

10^/10

neshta persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa.exe

Resource

win7-20220414-en

neshta persistence spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa
- Size
  
  1.5MB
- MD5
  
  bac41ffb03bee5127674cd89c64cd8ce
- SHA1
  
  d20e01540d8c9c2680139fe4994e30a4a2f00869
- SHA256
  
  756c6663467031659800483bb3c50c992f79e0fd9b422acdd4b878b6bf9ddafa
- SHA512
  
  1406bc016bef8a934ee176389b8cd1ffa8a90a475bd0695549b3c2cfbd29451676cf370f21215b6d09c720bf9410edb46f9f3ca60a49c6de3a18a75a3eb33619
Score

10^/10

neshta persistence spyware stealer
- Modifies system executable filetype association
  persistence
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

neshtapersistencespywarestealer

behavioral2

© 2018-2024

Terms | Privacy