General

  • Target

    b56d121efcd61b12c4dd66c4fcb706374377cc438a0d30fb04a35812bf5177ab

  • Size

    1.8MB

  • Sample

    240414-a65q3afc3y

  • MD5

    fb7bd480f8786c48000deb414d6466d3

  • SHA1

    34427622553b2559621fd41811ebd36f9317366a

  • SHA256

    b56d121efcd61b12c4dd66c4fcb706374377cc438a0d30fb04a35812bf5177ab

  • SHA512

    34b639e86ac64b248412bcc527080af1eaf21d119fded32408d5e01b6127fe0b8d9f5d4fc46ac6d2f16929cad846292a36e6805858aced4a18f70eebe19e6759

  • SSDEEP

    49152:/tBCkXaIEe6ykAcLewW6jC+CJt+V3IZ6RiYj84UxfDhXtU1T:1BCkXa1eqAc6wWeoteYZ6RiYj84Ue

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.