General

  • Target

    3ad84d82c7e3d4a7dd1b376727526259930a26dee67504ab69c94618fc265e08

  • Size

    907KB

  • Sample

    221019-b3rwgaehhl

  • MD5

    6daef75be16d5a1023328fa29e05c0a4

  • SHA1

    26b9a06da0993d972a6c5c875d7e8ab7b339cc9d

  • SHA256

    3ad84d82c7e3d4a7dd1b376727526259930a26dee67504ab69c94618fc265e08

  • SHA512

    3ffd731c0b44cd51da4c1758f483af4d9c5025beb30297e0edecaef2849fd2278c9d979e3751c8ec790fb8089ec46009cf8e46db39a1316d40b3feb4612ffe16

  • SSDEEP

    12288:ncHPTolaGtGh+FWTnMOdDOvWvad0J5Xm8EoDhoWKdkR4U/4iloBpc58xPCSM5huw:cMa+eAQLloBRqSuhu3PY

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.
