General

  • Target

    c2cfffc77eb2ae38cccb4e84e9283a01

  • Size

    659KB

  • Sample

    240409-y48xpshg25

  • MD5

    c2cfffc77eb2ae38cccb4e84e9283a01

  • SHA1

    a5733ecaccf364f4001ab9a9c28df6c1dd78a9a0

  • SHA256

    9bbb7abb127a8c6e0b8a328d4ef81e2218ebf3f0e1a5c65eacb7069f8c91d3f4

  • SHA512

    a396a2649b521ac3f504efd8095e3e9a648f2344de35fa16288c5f02d83b7c905bdb4f151daa8fa361d105f61bd4a26eaccb3042bfd07e84a5ce8a3cee0a69b2

  • SSDEEP

    3072:sr85CmJbL5LDnJt6QZw+BxtkhQTPq/uSkhRzFV2xyz:k9mJb9LDnJt6QZwGtXTPwTeFEoz

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
