General

  • Target

    228ca0c3c04b89d981fe0f22f79b8a12b5ed603407093d5a2e43164342f23ac8

  • Size

    428KB

  • Sample

    221002-fn9j7ahfg2

  • MD5

    66220a785a2ffb901af3158ed8bea148

  • SHA1

    ac42398438727f19ba57101cd2202c275d5c5952

  • SHA256

    228ca0c3c04b89d981fe0f22f79b8a12b5ed603407093d5a2e43164342f23ac8

  • SHA512

    37ae8dd2a95351a9be139d75bdc46a0cf7813fbbf83b0c719394e1764a3567f0e24f748eda32dc9f5d2085b4de924f8eddeb5012e98b3f7d8e1394c2c5eb0c3a

  • SSDEEP

    6144:k9N98eNNO0GRBk/DXqQrK57Sxh0LNvLeoMhlQiydrfuwANDJ8D6h4GVr+6wg:S64NEG/DXvLxujexh4Oh26h4GVqG

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
