General

  • Target

    10afd3b587fd98a88b2e6a241fb91c50N.exe

  • Size

    1.6MB

  • Sample

    240724-z8mqpsxglj

  • MD5

    10afd3b587fd98a88b2e6a241fb91c50

  • SHA1

    2d922ca094888ced5d43735fd13b08ae4a5f259e

  • SHA256

    c2b2b661f67d2748d3dd46576ddf3c4eded1db9fb7446b729ca27ee7b6140911

  • SHA512

    acf8e541985e8df63f0b5e8516bdb2718cbdbd1ab13a712b471f005bd16c94f8dd01086a0e386a50c30f8bbe95b4b68a603f17385edbd882f0a961a9bb0c2889

  • SSDEEP

    24576:diGcWcmBmxW2afDQ2XK5xzdVmzQldODJpyBZWM93uVCRXmVsuY:0G/2afDtkNsQSJpmYM6S5

Targets

    • Target

      10afd3b587fd98a88b2e6a241fb91c50N.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
