General

  • Target

    5827d7236b77302ba59369bd9219912a8d4d6552ec60a72fdca4ba1e30eb7959

  • Size

    5.0MB

  • Sample

    240409-y83aqaaa35

  • MD5

    fc16ef626a2138b536aedb4882446a54

  • SHA1

    d72d4ed003dab5f48bf53cbb1ef5e7df08c8ce6d

  • SHA256

    5827d7236b77302ba59369bd9219912a8d4d6552ec60a72fdca4ba1e30eb7959

  • SHA512

    f3b7435dceb0403c7999131171ed35dabae925702ac67855d144ee460d5993a0e4d0b68966a7b6a213dd53759ace0f841daaca958048b20e85402c0d7e1655ad

  • SSDEEP

    98304:0zTZ3cINQscs0m++LNkT6OpwDGUUH57yvZ/49Mr8EO3QhA9Kh:0zt3cINQscNmvLCwDkHEvZ/4R79a

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
