General

  • Target

    471f811489219761739bc62deee1123f9c8a0586a8fdd6f81d5d352a4aa18c8e

  • Size

    4.4MB

  • Sample

    221019-b3pq4sedd7

  • MD5

    3765d8ad9f8c7da49caf078f4d948437

  • SHA1

    df4b101eb7c02ea432e7e8f3efe15fc13d806860

  • SHA256

    471f811489219761739bc62deee1123f9c8a0586a8fdd6f81d5d352a4aa18c8e

  • SHA512

    6216377e04f66ae15f1af00bc143104657460515cb446afe2761fec0f1b1d7abe11b3e4358bf21ee0a502658c0a9e19058bb656f10821c14c6c9ace327e39a9f

  • SSDEEP

    49152:AutxLe02LKgKq86LINpaoa+W7/HfKnaAJevOewRn97dPaJcitLF2iQhw06CIJoYr:A9XVp8RWiemzSJciF24

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
