General

  • Target

    fead52266337c7c1ce34e160069973673c3c5932b3588f06f0c6b014c0cb78dd

  • Size

    703KB

  • Sample

    221129-jxyqtsah35

  • MD5

    90cd738e2ab584ae9f1faa6641d1c4ff

  • SHA1

    3b080867bc85e39b8d3606b7e6f9d4c72b5bd535

  • SHA256

    fead52266337c7c1ce34e160069973673c3c5932b3588f06f0c6b014c0cb78dd

  • SHA512

    ed1b2e27087cd38c02310f84a9a700741165f82aad18a10aad53eebda1ec2890df2747a02ea51bc1ab96362ac4478f07e9804898f769ab0045bfc868a3be0328

  • SSDEEP

    12288:zzQWAhaVQFipAkaDM3FH5Pd8RV82NGC4iPh170xiWMgFxJx9dZTO6CW:zsWAhaVQFTct5PHC4iPsVMihOm

Malware Config

Targets

    • Target

      fead52266337c7c1ce34e160069973673c3c5932b3588f06f0c6b014c0cb78dd

    • Modifies system executable filetype association

      Rewrites the handler Windows uses to launch .exe files (the (Default) value of exefile\shell\open\command) so that another program runs in front of every executable the user starts.

    • Neshta

      Neshta is a file infector: it writes its own body into other Windows executables, so each infected program runs the virus and spreads it further whenever it is launched.

    • Executes dropped EXE

    • Checks computer location settings

      Reads the country code configured in the registry (the user's locale settings); this check is commonly used to avoid running in certain countries (geofencing).

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read the profile directories of installed browsers to harvest saved credentials, cookies and autofill data.
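
The "Modifies system executable filetype association" signature above is the one to check for on any host this sample touched. The following is an added example written for this report, not code from the sandbox or from the sample: it parses the (Default) value of exefile\shell\open\command, reports any program wedged in front of the "%1" placeholder, and reads the live registry when run on Windows. The registry locations are the real ones; the hijacked sample value (a dropped svchost.com in front of "%1", the form Neshta is publicly documented to write) is constructed for illustration.

```python
"""Check whether the .exe file-type handler has been hijacked.

Added example for this report; not code from the sandbox or the sample.
The registry locations are the real ones Windows uses; the sample values
below are constructed to show a clean and a hijacked handler.
"""
import re
import sys

# What a clean Windows install has in exefile\shell\open\command: run the
# requested file ("%1") directly and pass the remaining arguments (%*).
DEFAULT_EXEFILE_COMMAND = '"%1" %*'

# Subkey (relative to the hive) holding the .exe launch handler. HKLM is the
# machine-wide default; a per-user copy under HKCU takes precedence if present.
EXEFILE_SUBKEY = r"SOFTWARE\Classes\exefile\shell\open\command"
HIVES = ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER")

# Anything before the "%1" placeholder is a program that runs first and is
# handed the real target as an argument.
_HANDLER_RE = re.compile(r'^\s*(?P<prefix>.*?)\s*"?%1"?(\s+%\*)?\s*$')


def interposed_program(command: str):
    """Return the program wedged in front of "%1", or None if the handler is clean.

    A value with no "%1" at all is returned whole: it would swallow every .exe
    launch without even running the requested file.
    """
    match = _HANDLER_RE.match(command)
    if match is None:
        return command.strip() or None
    prefix = match.group("prefix").strip().strip('"')
    return prefix or None


def assess(values: dict) -> list:
    """values maps 'HIVE\\subkey' -> (Default) string; returns (location, program) findings."""
    return [
        (location, program)
        for location, command in values.items()
        if (program := interposed_program(command)) is not None
    ]


def read_live_values() -> dict:
    """Read the handler from the live registry (Windows only; empty dict elsewhere)."""
    if sys.platform != "win32":
        return {}
    import winreg  # standard library, Windows only

    values = {}
    for hive_name in HIVES:
        try:
            with winreg.OpenKey(getattr(winreg, hive_name), EXEFILE_SUBKEY) as key:
                command, _ = winreg.QueryValueEx(key, "")  # "" selects the (Default) value
        except OSError:
            continue  # the HKCU copy normally does not exist on a clean machine
        values[f"{hive_name}\\{EXEFILE_SUBKEY}"] = command
    return values


# Constructed samples. The hijacked value follows the form described in public
# Neshta write-ups (dropped svchost.com runs first, then the real program).
SAMPLE_CLEAN = {"HKEY_LOCAL_MACHINE\\" + EXEFILE_SUBKEY: '"%1" %*'}
SAMPLE_HIJACKED = {"HKEY_LOCAL_MACHINE\\" + EXEFILE_SUBKEY: r'C:\Windows\svchost.com "%1" %*'}

if __name__ == "__main__":
    findings = assess(read_live_values() or SAMPLE_HIJACKED)
    for location, program in findings:
        print(f"HIJACKED {location}: every .exe launch first runs {program}")
    if not findings:
        print("exefile handler is clean")
```

Restoring the value to "%1" %* alone is not a cleanup: the dropped copy still exists, and every infected executable re-installs the handler when run, so the host needs the infector removed and its executables rescanned.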

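For the "Reads user/profile data of web browsers" signature, the detection a practitioner wants is a non-browser process opening a browser credential store. The following is an added example written for this report, not sandbox or sample code: it runs that rule over file-access records shaped like the ProcessName and ObjectName fields of Windows Security event 4663 (object access auditing). The store file names are the real ones used by Chrome, Edge and Firefox; the event records, user name and process paths are constructed.

```python
"""Flag non-browser processes reading browser credential stores.

Added example for this report, not sandbox or sample code. The file names are
the real credential/cookie stores of Chrome, Edge and Firefox; the records are
constructed in the shape of Windows Security event 4663 fields.
"""
import re

# Stores an infostealer reads: saved logins, cookies and autofill data.
BROWSER_STORE_PATTERNS = [
    re.compile(r"\\(Google\\Chrome|Microsoft\\Edge)\\User Data\\.*\\(Login Data|Cookies|Web Data)$", re.I),
    re.compile(r"\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
]

# Processes that legitimately open their own stores.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe"}


def basename(path: str) -> str:
    """Last path component, lower-cased, accepting either separator."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_browser_store(path: str) -> bool:
    """True if the path is one of the credential, cookie or autofill databases."""
    return any(pattern.search(path) for pattern in BROWSER_STORE_PATTERNS)


def suspicious_accesses(events):
    """Return (process, file) pairs where a non-browser process opened a browser store."""
    hits = []
    for event in events:
        process = event["ProcessName"]
        target = event["ObjectName"]
        if is_browser_store(target) and basename(process) not in BROWSER_IMAGES:
            hits.append((process, target))
    return hits


# Constructed records (fields as in event 4663). The first two are benign.
SAMPLE_EVENTS = [
    {"ProcessName": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "ObjectName": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"ProcessName": r"C:\Windows\System32\notepad.exe",
     "ObjectName": r"C:\Users\alice\Documents\notes.txt"},
    {"ProcessName": r"C:\Users\alice\Downloads\invoice.exe",
     "ObjectName": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"ProcessName": r"C:\Users\alice\Downloads\invoice.exe",
     "ObjectName": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\k2x1abcd.default-release\logins.json"},
]

if __name__ == "__main__":
    for process, target in suspicious_accesses(SAMPLE_EVENTS):
        print(f"ALERT {basename(process)} read {target}")
```

The allow-list is keyed on the image name only, which a stealer renamed to chrome.exe would pass; in production, match on the full install path or the signer of the process image instead. Object access auditing must be enabled on the profile directories for 4663 events to exist at all.
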
MITRE ATT&CK Enterprise v6

Tasks