General

  • Target

    83c74d1115b0d3d5dad94342cb61f5e9a1f75319276ef677cc8080c12b726827

  • Size

    40KB

  • Sample

    221202-r2nenabf6y

  • MD5

    a4275c738df3cc90abaa1b2a791c08f1

  • SHA1

    bf0fd066eb9c4502c214172fdd085f50009fc3cc

  • SHA256

    83c74d1115b0d3d5dad94342cb61f5e9a1f75319276ef677cc8080c12b726827

  • SHA512

    3f788c3d0b5c69f578b57a553804e4387701a0066527dfc49da55c5519b5fe8f9a7ae7c40a2e3c085a87cfb8686f70dbfecfb9f11a892711d3961d688d3564c3

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJE:JxqjQ+P04wsmJCp

Malware Config

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Change Default File Association (T1042): 1

  • Defense Evasion

    Modify Registry (T1112): 1

  • Credential Access

    Credentials in Files (T1081): 1

  • Collection

    Data from Local System (T1005): 1

Tasks