Resubmissions

08/07/2023, 10:26

230708-mgh7zseb82 10

08/07/2023, 10:14

230708-l9p1kafa3v 10

07/07/2023, 12:07

230707-paqdtshh6t 10

05/07/2023, 12:35

230705-psrplsdg71 10

General

  • Target

    easyMalicious2766293552e5.exe

  • Size

    1.5MB

  • Sample

    230707-paqdtshh6t

  • MD5

    395f5a39d8dc635418e5ea7cacf392a4

  • SHA1

    316367fb304699c890d5c6025ea4651647aac277

  • SHA256

    14e9904733154702559ca23a6ea0bcebcef86b9682045509f1b21a0513f705bc

  • SHA512

    c16551b4ccd844dfd15abf282614d65de2eb18a70321f8f136cb2e6dd36e05e0e0767786cd886a0a22fb31f01dadf5069ebdb25e2421cc031d2eea6278e0b19d

  • SSDEEP

    24576:70OgR8U9TQ1GOjpK/Lv8dQB2GLZc378ObDicDf+V0BG5QQh02lL1kZzmS1OAs+QL:ydDYOTcr8OZfvD6lOGz+cFsWp

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks