General

  • Target

    a3ff73452b47aef403fbed5d1694ea6355f970c039770bcf0e3016434b2181b5

  • Size

    40KB

  • Sample

    221123-vd8mgabg2s

  • MD5

    52e141f54c5b3c308a683172dd988d40

  • SHA1

    6f16c29111d5c9d2509fabb9e4aa5b9e4f9e49de

  • SHA256

    a3ff73452b47aef403fbed5d1694ea6355f970c039770bcf0e3016434b2181b5

  • SHA512

    7cffc0a1ef2aa68de4622006095d84ac73bc3f3b1e0ada312e60df796a8b40a39e03e6a32431c8f21ae5f41654a99b3f6c018baff1e023f5cc9dc5951b3e80d0

  • SSDEEP

    768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJpvGU:yxqjQ+P04wsZLnDrC0G

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v6

Tasks