General

  • Target

    18194953504.zip

  • Size

    538KB

  • Sample

    240718-h7xqva1hkd

  • MD5

    a94969838753e0b20e72347ace56ee48

  • SHA1

    0572ba8afda93e28436ee362bfdaaae93d621efb

  • SHA256

    73dc858f2f0d0efe26ce422ab453af8ddda1f0662e9e436c6ff9d07651681665

  • SHA512

    e117f33fa84f1ca8232a4167059778d0eea3cc99244f20f0e66de91f0e5b8227edcd62423fd09ed3f223fe3c0caf6ae16cdbb349e1bbe1725532b637681053b2

  • SSDEEP

    12288:niAgbkm41u52TQg0CtAQQss3VhpU+TTLPbUA2WP:S4EMcCm2sO+LoAb

Targets

    • Target

      a5e33d2656242a582575eba16888ad0dbf1a0ef322a959057b2f7330bae05820

    • Size

      2.4MB

    • MD5

      b84b63311584a57f0b2adc7fdf8c6a04

    • SHA1

      780db81704c3af1801e9ccf8a9621f467c00d71e

    • SHA256

      a5e33d2656242a582575eba16888ad0dbf1a0ef322a959057b2f7330bae05820

    • SHA512

      cee9a68aff49b0bdf3a222b660e23a782ac07eee123893096fe2311dec0bb8e434c38a6908aa5b8b43d203ce6f87f762f2aec99426a35e4c19f6ec26f7c50fe9

    • SSDEEP

      24576:SIljNCuH99UmYOFwtCys2ZDq+yCUbpIWh1BMNRiHuAm:v9U3LZRUuWXU0HuAm

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
