General

  • Target

    61d4bf0f47de1e1bdc4cbb5e44b9e0c6df1301e3c49d52b1c21d56c669e4e623

  • Size

    40KB

  • Sample

    221129-jyrznsea5s

  • MD5

    2f7dfc1d02eeeaabbd8a7e708e9c3666

  • SHA1

    ce80ac8c5fd4c928980e43b6488b94e850a439ec

  • SHA256

    61d4bf0f47de1e1bdc4cbb5e44b9e0c6df1301e3c49d52b1c21d56c669e4e623

  • SHA512

    050ffa46031aab5e8890661e41ecb96a2f16e6ce57c0e9bbe5c6f827b526a7acd6754ead8ec5d6be1d5f069006d462d0f2d5cff20cd736e651b5be56fb0567a6

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJRBb0d:JxqjQ+P04wsmJCaAd
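
Before handling a copy of this sample, confirm it is the file the report describes. The script below is an added example, not part of the sandbox report: it recomputes every digest listed above with the standard library and grades the comparison. The grading rule is an assumption of this example rather than anything the report states: only SHA-256/SHA-512 agreement counts as a match, a hit on MD5 or SHA-1 alone is flagged separately because both have practical collision attacks, and a strong hash matching while the other strong hash does not means the report's hashes or the local copy are corrupt. The SSDEEP fuzzy hash needs a third-party library and is left out.

```python
import hashlib
import sys
from typing import Dict

# Indicators copied from the report above.
REPORT_HASHES: Dict[str, str] = {
    "md5": "2f7dfc1d02eeeaabbd8a7e708e9c3666",
    "sha1": "ce80ac8c5fd4c928980e43b6488b94e850a439ec",
    "sha256": "61d4bf0f47de1e1bdc4cbb5e44b9e0c6df1301e3c49d52b1c21d56c669e4e623",
    "sha512": "050ffa46031aab5e8890661e41ecb96a2f16e6ce57c0e9bbe5c6f827b526a7ac"
              "d6754ead8ec5d6be1d5f069006d462d0f2d5cff20cd736e651b5be56fb0567a6",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
STRONG = ("sha256", "sha512")   # the only digests we treat as authoritative


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Lowercase hex digests of an in-memory blob for every listed algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as hash_bytes, but streams the file so large samples fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(observed: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm equality; case-insensitive because tools print digests in either case."""
    return {name: observed[name].lower() == expected[name].lower()
            for name in ALGORITHMS if name in observed and name in expected}


def verdict(result: Dict[str, bool]) -> str:
    """Grade a comparison (rule is this example's assumption, see lead-in):
    match        -> every strong digest agrees
    inconsistent -> one strong digest agrees and another does not (corrupt data)
    weak-only    -> only MD5 and/or SHA-1 agree; treat as a different file
    no-match     -> nothing agrees"""
    strong = [result[n] for n in STRONG if n in result]
    if strong and all(strong):
        return "match"
    if any(strong):
        return "inconsistent"
    if any(result.get(n, False) for n in ("md5", "sha1")):
        return "weak-only"
    return "no-match"


if __name__ == "__main__":
    digests = hash_file(sys.argv[1])
    for name in ALGORITHMS:
        print(f"{name:7} {digests[name]}")
    print("verdict:", verdict(compare(digests, REPORT_HASHES)))
```

Run it as `python check_sample.py <file>`; anything other than `match` means you are not looking at the file this report analysed.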

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Neshta is a file infector: it prepends its own code to other executables so that each infected program runs the virus before its original code, and it hijacks the .exe file association so that a dropped copy of itself is launched every time any executable is started. That association change is the signature reported above and is what gives the infection persistence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.
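
The file-association hijack behind the first signature can be checked on a suspect host without any tooling beyond `reg query`. The script below is an added example and not part of the report: it parses the text that `reg query` prints for the `exefile\shell\open\command` keys and flags any default value other than Windows' own `"%1" %*`, extracting whatever was placed in front of it as the launcher. The constructed sample output uses a launcher path that follows what is publicly reported for Neshta; that path, and the exact `reg query` column layout, are assumptions of this example and do not come from the report above.

```python
import re
from typing import Dict, List, Optional

# HKCR is a merged view of HKLM\SOFTWARE\Classes and HKCU\SOFTWARE\Classes,
# so all three locations are worth checking on a live system.
EXEFILE_KEYS = (
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command",
    r"HKEY_CURRENT_USER\SOFTWARE\Classes\exefile\shell\open\command",
)

# Windows' default: run the executable itself with its arguments.
CLEAN_COMMAND = '"%1" %*'

# One value line as `reg query` prints it: indent, name, type, data,
# separated by runs of spaces (assumed layout, see lead-in).
VALUE_RE = re.compile(r"^\s{2,}(\S.*?)\s{2,}(REG_\w+)\s{2,}(.*)$")


def parse_reg_query(text: str) -> Dict[str, Dict[str, str]]:
    """Turn `reg query` output into {key (lowercased): {value name: data}}."""
    result: Dict[str, Dict[str, str]] = {}
    current: Optional[str] = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = line.strip().lower()
            result.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, _type, data = m.groups()
            result[current][name] = data.strip()
    return result


def normalize(command: str) -> str:
    """Collapse whitespace and case so cosmetic differences do not matter."""
    return " ".join(command.split()).lower()


def check_exefile_association(text: str) -> List[dict]:
    """One finding per exefile key whose default command is not the clean one.
    'launcher' is whatever precedes "%1" %*: the file that now runs before
    every executable on the host."""
    findings = []
    keys = parse_reg_query(text)
    for key in EXEFILE_KEYS:
        values = keys.get(key.lower())
        if values is None:
            continue                     # key not in the export; nothing to judge
        command = values.get("(Default)", "")
        if normalize(command) == normalize(CLEAN_COMMAND):
            continue
        idx = command.find('"%1"')
        launcher = command[:idx].strip() if idx > 0 else command
        findings.append({"key": key, "command": command, "launcher": launcher})
    return findings


# Constructed sample output (not captured from the report's sandbox run).
# Writes to HKCR land in HKLM\SOFTWARE\Classes, so both views show the hijack.
SAMPLE_REG_QUERY = """
HKEY_CLASSES_ROOT\\exefile\\shell\\open\\command
    (Default)    REG_SZ    C:\\Windows\\svchost.com "%1" %*

HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\exefile\\shell\\open\\command
    (Default)    REG_SZ    C:\\Windows\\svchost.com "%1" %*
"""

if __name__ == "__main__":
    for f in check_exefile_association(SAMPLE_REG_QUERY):
        print(f"{f['key']}\n  command : {f['command']}\n  launcher: {f['launcher']}")
```

On a real host, feed it the combined output of `reg query <key>` for each of the three keys. There is no default Windows configuration in which a third program sits in front of `"%1" %*`, so any finding deserves a look, and the launcher path is the first artefact to collect.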

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic             Technique                          ID      Signatures
  Persistence        Change Default File Association    T1042   1
  Defense Evasion    Modify Registry                    T1112   1
  Credential Access  Credentials in Files               T1081   1
  Collection         Data from Local System             T1005   1

The IDs are from ATT&CK v6; in current versions of the framework T1042 is T1546.001 (Event Triggered Execution: Change Default File Association) and T1081 is T1552.001 (Unsecured Credentials: Credentials In Files).
