General

  • Target

    514b64c718b33ad68da7239f89c27ad3acdcde1afe17286045aa107f8aecd002

  • Size

    153KB

  • Sample

    221002-fn643ahff6

  • MD5

    704d2495f48af583a430f01eb685738f

  • SHA1

    1ad4f881519bafdd02a4d42abbc95d29ca9a9172

  • SHA256

    514b64c718b33ad68da7239f89c27ad3acdcde1afe17286045aa107f8aecd002

  • SHA512

    50f658558cd20f0015e74240310d4413558f9c6d5c03b219cb7d33d80c3fadcbb74ded1073a6f9c96b44a1eb90ed8d273dd051d8800b76e96a64686d0aeb33ef

  • SSDEEP

    1536:JxqjQ+P04wsmJCS9Jy8czZItF7HkZaV7QdMfW/TouJn7QdMfW/TouJo:sr85CSvy8i2tNHIO73fWro873fWroL

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

MITRE ATT&CK Enterprise v6

Tasks