General

  • Target

    1b3d317a4c5cc886e1ef6862a9d1c0f0N.exe

  • Size

    3.6MB

  • Sample

    240724-11a8dazdqk

  • MD5

    1b3d317a4c5cc886e1ef6862a9d1c0f0

  • SHA1

    655497dd955718af19692f82271296029e77fd3c

  • SHA256

    a27a76a87e39a674808c4cd0e7e5556ac35c26c383aff20af49996d34da60781

  • SHA512

    24bcf104753a74a859d1ac5e66914f506e1f57f63327d93fcdf317c59d86f7ad936f42137198475208b477a3dcd1b9c439423185a2766edef65490c83caad43d

  • SSDEEP

    98304:PjGUGLRh8T/dKI1pOv2h9VpsA/wG1BsHxkVJTfge2zXeAUUH:V7EAM4wSuxkD32zOAtH

Targets

    • Target

      1b3d317a4c5cc886e1ef6862a9d1c0f0N.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
