General

  • Target

    2bfce82f53f3c8b86e1511e3af65cec09ead673cdcfaa44ae6d7421e86edff7f

  • Size

    107KB

  • Sample

    221018-ppvl4afgf2

  • MD5

    bfba312b37c67c315b65864610136d0c

  • SHA1

    5cb7b60305aa0ee4ab0e4e4fe911eae7de6a8d2f

  • SHA256

    2bfce82f53f3c8b86e1511e3af65cec09ead673cdcfaa44ae6d7421e86edff7f

  • SHA512

    ef5df2bb6df5632d987e545c001e1abee7a29bc005ecca3c4c6aaadc5eb2adb4aafba7351325218d2fedcd5d6af920efc7e497bf5e9ac24123a190c45dfdf3a6

  • SSDEEP

    3072:sr85CxH3ce9yZSM2JQwDP/q0OIXxmdytU:k9xYoR7xOWm8U

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family infects other executable files in order to spread and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.
