General

  • Target

    76e0d5999d31c50c72851ee44906974529045c7acffda7cf5d96e6d25795c21d

  • Size

    226KB

  • Sample

    220525-adg5asgdbj

  • MD5

    5e6f4494bbf9c04521bf3a0c9aad0e2e

  • SHA1

    3ef1d5c8c743bd4d39bbd968249fb80f74fd80a2

  • SHA256

    76e0d5999d31c50c72851ee44906974529045c7acffda7cf5d96e6d25795c21d

  • SHA512

    d86535f30f38f8b160eb5f37a0f681f7bcdcd5516652d2ddcfa0673c7c99f6a8b5ab60345ca3912b4dec6e311ac7b471262adae51ef72a07b0c262ad68eee727

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
