General

  • Target

    c72156c9b44f7b0f48d21c9e5034dd8038e2ca78e2128bcc63bad7fd2c2c51c9

  • Size

    40KB

  • Sample

    221129-jydgaaea2y

  • MD5

    0cc516fa5abd2492608d420e682471a2

  • SHA1

    7f47b0dfaea8b782b6de86c0da33323c8f6ec19f

  • SHA256

    c72156c9b44f7b0f48d21c9e5034dd8038e2ca78e2128bcc63bad7fd2c2c51c9

  • SHA512

    afc124c4c2f1fb63bd818d70018ff820e16604ad1bed6d64c37e2a678159fa8d2867c4d8ecb8040836753d7ca734df14ad0eb459513e0b172c82ed78ce0ae1be

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ:JxqjQ+P04wsmJC

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family injects itself into other files in order to spread and cause damage.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic             Technique                         Count  ID
Persistence        Change Default File Association   1      T1042
Defense Evasion    Modify Registry                   1      T1112
Credential Access  Credentials in Files              1      T1081
Collection         Data from Local System            1      T1005

Tasks