Overview

overview

10

Static

static

10

3d7e781320...AS.exe

windows7-x64

10

3d7e781320...AS.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d7e7813207093caa26427cf036cb9c6_NEAS.exe

  • Size

    5.4MB

  • Sample

    240506-vl3fesba71

  • MD5

    3d7e7813207093caa26427cf036cb9c6

  • SHA1

    3451b3d29d43b5e5e0d145ff05157e904926db86

  • SHA256

    4e62e7a3b77d4d0abb803c175f51d1242fda33bfd3308991b9e90391cac1c369

  • SHA512

    a3ee90811d637cbb930ca99c686b0eec454f660e10f6919bae4a101fac60e838cd8bd69b0aabdc267e41bb7e8f63f80132a706067d104eaf5f914cd83a7ec35d

  • SSDEEP

    49152:Fl/ijN5j2Xsl3RJ3LHobUQDgok3QTj+J49iApNKBTOyCPOOlYvoGxUSJpXW:FlerjesRJ8YQU/cX9iTOPOOsRXW

Score
10/10
darkcometneshtapersistencespywarestealer

Malware Config

Targets

    • Target

      3d7e7813207093caa26427cf036cb9c6_NEAS.exe

    • Size

      5.4MB

    • MD5

      3d7e7813207093caa26427cf036cb9c6

    • SHA1

      3451b3d29d43b5e5e0d145ff05157e904926db86

    • SHA256

      4e62e7a3b77d4d0abb803c175f51d1242fda33bfd3308991b9e90391cac1c369

    • SHA512

      a3ee90811d637cbb930ca99c686b0eec454f660e10f6919bae4a101fac60e838cd8bd69b0aabdc267e41bb7e8f63f80132a706067d104eaf5f914cd83a7ec35d

    • SSDEEP

      49152:Fl/ijN5j2Xsl3RJ3LHobUQDgok3QTj+J49iApNKBTOyCPOOlYvoGxUSJpXW:FlerjesRJ8YQU/cX9iTOPOOsRXW

    Score
    10/10
    neshtapersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks