General

  • Target

    d1892bc4ce6c2c903edf8592e54cc2b0fac50c4a7e031b09807d416797862f19

  • Size

    192KB

  • Sample

    221002-fnve9sahcj

  • MD5

    67f1cfa2aaaf10e8cf387823bf037690

  • SHA1

    11bda2822b4f40c316bc1ae3cb94444b631c0db6

  • SHA256

    d1892bc4ce6c2c903edf8592e54cc2b0fac50c4a7e031b09807d416797862f19

  • SHA512

    a978854147db2b489f3a1af8067e5019c908554e73c2403e0a955e5eccd11387764e3181f2fd5a9636278877bde3312422bab45628a7fffcef9ec82cf7256df4

  • SSDEEP

    6144:k9gMb3J+W+CYOSdgZzwhMPS1CYOSdgZzwhMPSn:LMb3J+W/SdgZzwhMPSSSdgZzwhMPSn

Targets

    • Target

      d1892bc4ce6c2c903edf8592e54cc2b0fac50c4a7e031b09807d416797862f19

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
