Overview

overview

10

Static

static

3

d60208f389...8e.exe

windows7-x64

10

d60208f389...8e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d60208f3894f4556caae5ed2297c0ef1593a4a66f5af8f3f2e44a8f2896bbf8e.zip

  • Size

    21KB

  • Sample

    240715-mxe59ssfmj

  • MD5

    8c8b1e06189a3b663cdde25814ba042a

  • SHA1

    cb5c62efce109180a9c2a895d0fc033e5dac7bf1

  • SHA256

    114efcdd88ff496008184061a54fbb2e05d44a5fe496748530017ff38492f16e

  • SHA512

    61a67395d15fd043d287e2d4dc56b8c9b5ba0b64bcb18bccaebfd49278012eb2ad384141a57e4f68d1dd833a4e27aa19e561dda1565d0941dc0e5b85d9cc6ca2

  • SSDEEP

    384:BcR6YEdrdQugvbB7fRwh29rboXCiX83MTTA6OExnvexPAlU5V17iYVyZY9lTg3:Y6YEZdavlJw8lbWLNTTROEmuETw

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      d60208f3894f4556caae5ed2297c0ef1593a4a66f5af8f3f2e44a8f2896bbf8e.exe

    • Size

      40KB

    • MD5

      2f50aca08ffc461c86e8fb5bbedda142

    • SHA1

      6fc5319d084c6e13f950c24c78a9cadb7793c638

    • SHA256

      d60208f3894f4556caae5ed2297c0ef1593a4a66f5af8f3f2e44a8f2896bbf8e

    • SHA512

      785225fe823c5724c7ebbfb17f31ffcfc2b3b852369b4d3e002b54476ad8c0f4a5d6ac29d43886361bc8deda29db9f9ce70b1e4496b08390a8ead50ddac9d46e

    • SSDEEP

      768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

    Score
    10/10
    neshtapersistencespywarestealer

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks