General

  • Target

    24807931df8cd633fd0fb26e4bf9ea5ec57714b5706c032cf9cacc1372f732f0

  • Size

    222KB

  • Sample

    221002-fn8b5ahff9

  • MD5

    70cd3aa628a3263fa37d2e6c73360a40

  • SHA1

    f8c70e3e1c774ecd440854a0c2d5649cc21c1d50

  • SHA256

    24807931df8cd633fd0fb26e4bf9ea5ec57714b5706c032cf9cacc1372f732f0

  • SHA512

    101fdbe39f67969ad36f2cb57bfecda04a2dd1d051b14530f799b4c4b1efad7c608e7aad2ee6e65a8ad802087b35c89af886ac7f32a6da72e3d794010ccccf71

  • SSDEEP

    3072:sr85CTc05X9qCrep6NTV0JI5NeCRBu5e8QSSq6yc9d555e8QSSq6yc9d5q:k9w0x9qCrAg+JA3k5e8JUp5e8JUa

Targets

    • Target

      24807931df8cd633fd0fb26e4bf9ea5ec57714b5706c032cf9cacc1372f732f0

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family infects other files in order to spread and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.
