General

  • Target

    svchost.exe

  • Size

    40KB

  • Sample

    220906-v85t3aeael

  • MD5

    fb91e471cfa246beb9618e1689f1ae1d

  • SHA1

    c9c2b6a5b930392b98f132f5395d54947391cb79

  • SHA256

    a23110f763cbecc6f2de868d413073d4af7a3514d5e728eac4989c33191be227

  • SHA512

    d21bc0ccfdb26ea3ff91f69963128e1a96202a7396dd956c11f85429ea9c236275c3de2cbcb81f038df38f0c973bbee60691d293f28f5a28168dd0f64347cfa3

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJpZZd6QH/m3HURNuz:JxqjQ+P04wsmJC0

Targets

    • Target

      svchost.exe

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
