General

  • Target: 5546790700db811d8a52c94ff4457f15.bin
  • Size: 663KB
  • Sample: 231031-ccj9dafh5z
  • MD5: 446306b7a63dae0a0e7ad7f20a0598c6
  • SHA1: 01869065f04875629a21e1db01f7ecaa727018e1
  • SHA256: 5da62cfd78fee9b276a686851c8575e5445aadded17619a2257501348da051a6
  • SHA512: 8aa4bedc16196a77a67d5d7bad227334dc2c22c22b55a6638819e81fbdba39191d9ad1840a590639b31490eddeff5156d6e510ccf4f4e3d2cdf8335ba036baa6
  • SSDEEP: 12288:jVvJ6UUtzpuqR2qzBdP1fY+oLAOGf8HgTi5NsiP4oia4bCb:F4Uqzputq9U5LAO88AO5ZlCmb

Malware Config

Targets

    • Target: ac5cec58b7bf1c35c562556c984e15b057ba8b3224559f1cc523ea9b70b53354.exe
    • Size: 701KB
    • MD5: 5546790700db811d8a52c94ff4457f15
    • SHA1: 4c76fe7a6be125fe92d7d2dff863082555d22f37
    • SHA256: ac5cec58b7bf1c35c562556c984e15b057ba8b3224559f1cc523ea9b70b53354
    • SHA512: 42f90a2501b419304e0590ed83feab346a6da7341c57ef20aff5e7e1a52884a5916fff45a07a27d5e837ff4c9ac93178c34cfe950d64ff36a982ec86816d64e0
    • SSDEEP: 12288:hwmXnDCWKMoy0XM+tKJeMJhibk7aG0N+CIZdWchqJSwgOeItCQHlhGwT:hwynNKMoTtKJpaG0N+CIZUlaj1wT

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks