General

  • Target

    tmp

  • Size

    4.9MB

  • Sample

    221017-fjtceaafh5

  • MD5

    12c15e04eb20664510999cb2c66b1b30

  • SHA1

    d50d81ea8880b816abb5723e1463f9a22e36c918

  • SHA256

    2a5806d62f65a535d07c61f2617bce6e46e3dc8de7f0076a594c0570c1bd9835

  • SHA512

    68c3afa9c071b4b2151c077cb97cd8753c8f08a5a82a3c6333b08504a02e3da6f12ebc5f2291ffce3230d5225ba239aa4911bb6fc6cf921e37f4cdcc3bff642b

  • SSDEEP

    98304:zchPS0xpNqWt5EKHOPpCvoQGckG7gfDn5XTC4+wJsv6tWKFdu9CTvHUQxshY:U6RpKHzvoVckrDCnwJsv6tWKFdu9CTSq

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
