General

  • Target

    2d24515551a8e9a4b49a6e7c1146670436244ec30a0325629347170e0c6e388b.exe

  • Size

    173KB

  • Sample

    240408-bkm5kacc96

  • MD5

    6a187789b51c2e148c645ee78f34fab2

  • SHA1

    b6f8b996180aa43603f20998b11a4d6b24283dd3

  • SHA256

    2d24515551a8e9a4b49a6e7c1146670436244ec30a0325629347170e0c6e388b

  • SHA512

    df0c15d97153888d0238dfeafdd3ca00ba548bc4b86d0a00d8b47a38479a88c53a8f91375000b488cd4a45fdf984d34f1e1f649c9491d4b5fef945acd58a708f

  • SSDEEP

    3072:sr85CV00I3M+52nolIxh1KhkSaBIaLNAwxdSvs32BUKqsL6FBqrL:k9XnoEw52LNks3Uq+2q3

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
