General

  • Target

    e35f040e91050690ab7c4f31af49988491ac48162611f0d503222d3223bd88d2

  • Size

    228KB

  • Sample

    221002-fns77shff3

  • MD5

    6536d1e53b475cfc525355a47ab30450

  • SHA1

    bedbe2f8174c184ff43bf1e44d793797bb46cb69

  • SHA256

    e35f040e91050690ab7c4f31af49988491ac48162611f0d503222d3223bd88d2

  • SHA512

    a77a5034d7f633b0a9d025de018da99e2338c0496aeead757d8c06f117169c565baac6b8be88d2dbc2e6cd97fe8ff8f58462aa41a8956b331802841e28bcf2e7

  • SSDEEP

    3072:sr85CYZqbAMtVItT1CYFIoQ8S09Uur6KRv3JIrfhMHsWTLZ:k9YZqMMj01CYFYZu1Z3Wrg3fZ

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
