General

  • Target

    8307126aa1290b7d0013497b697505d3a84a737e3977149d8e4822a264c3e908

  • Size

    44KB

  • Sample

    221013-ww2sbagefq

  • MD5

    40e215e12838c7f3e3d9178e0fd6efc8

  • SHA1

    71d88ab35d4891dfc78119de511e10fa9cb3a990

  • SHA256

    8307126aa1290b7d0013497b697505d3a84a737e3977149d8e4822a264c3e908

  • SHA512

    2a53b2fa73b4beac63d6242dac5ee1adeb76ef408697c217c6552528525512145e3d9bbaff42a6a87fe4ffb377d5b85788515c1326ff8846349eadb354e0a6e4

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJS:JxqjQ+P04wsmJCp

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Enterprise v6

Tasks