Resubmissions

  • 09-04-2024 13:12    240409-qfp6pafh29    10

  • 09-04-2024 13:12    240409-qfpj6afh28    10

  • 09-04-2024 13:12    240409-qfnymafh27    10

  • 09-04-2024 13:12    240409-qfnb4afh26    10

  • 08-04-2024 01:29    240408-bwbkxacg64    10

General

  • Target

    5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe

  • Size

    8.6MB

  • Sample

    240414-mf993sah4z

  • MD5

    0bba9ea4154714cec6d67a8788535723

  • SHA1

    4ae792b89db732e5c664bccaec9ef10797a8488d

  • SHA256

    5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b

  • SHA512

    6cb04eebd19aa8baff8853b5d7474b3f8feb86e0dcc4cc28035c3a44aaada61f6bd9beb7831d6f7e2f742665898994f9aec7264309c0c908e561cca21ee7e2a4

  • SSDEEP

    98304:D6cZV1QNa2cGlKTdAp1VdV/b+tAeGJwTt1BWmJwL+lTBHMjr33:ZZbQ5zdtb6p1BWYHG

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
