General

  • Target

    61c286cc6bee837a7bff493f24443082df022dab6645d480b0f04ef9b14aa544

  • Size

    734KB

  • Sample

    221002-fn4zpsahdm

  • MD5

    6bc2b77b992ac85e3799f88361dcdcd0

  • SHA1

    4164cd93af87d93ce896b69cd902be7328a6839e

  • SHA256

    61c286cc6bee837a7bff493f24443082df022dab6645d480b0f04ef9b14aa544

  • SHA512

    e47bfb2d185af9bac2f80f3624e6a3c52c755f672cc16b63a04f4c8365ded6473daa197ccb2a0047d6ca9c498949ad5cee0de716b301538d710afadbcd6ab4a5

  • SSDEEP

    12288:SwxBLaDJaHOXojQMCjrjOIj5nHiozEvXAHPoaTsBudwsrFsEAM:LBI2jQ7jvDiozEvXAHPoaTWCWA

Targets

    • Target

      61c286cc6bee837a7bff493f24443082df022dab6645d480b0f04ef9b14aa544

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
