General

  • Target

    37837a9c68f6d4ca6e0b2af3f8d19930N.exe

  • Size

    4.3MB

  • Sample

    240725-abj6waycpf

  • MD5

    37837a9c68f6d4ca6e0b2af3f8d19930

  • SHA1

    d77b9fe4398da3ed7559a33c7eb980ec3ae53f03

  • SHA256

    fd485c1e6812714e16dc7adad9511d9edb0914d5f41d6c9f0e019bc78ef7a5e0

  • SHA512

    9cd5d1c60b4a68e1db156b19fabf97d8f4a1a7ae098edaae1a0f8009bb7f038cb0b7f6e9e56961f6c3431ec1d60eaca0f589176a42c441a9470933ee6debe8d4

  • SSDEEP

    98304:uK6ns2cff2LHrXimMvYybk+SONsritIj+xTexiNQDI:uK6ns2cmfXiV3g+7C2tIj+xm/DI

Malware Config

Targets

    • Target

      37837a9c68f6d4ca6e0b2af3f8d19930N.exe

    • Size

      4.3MB

    • MD5

      37837a9c68f6d4ca6e0b2af3f8d19930

    • SHA1

      d77b9fe4398da3ed7559a33c7eb980ec3ae53f03

    • SHA256

      fd485c1e6812714e16dc7adad9511d9edb0914d5f41d6c9f0e019bc78ef7a5e0

    • SHA512

      9cd5d1c60b4a68e1db156b19fabf97d8f4a1a7ae098edaae1a0f8009bb7f038cb0b7f6e9e56961f6c3431ec1d60eaca0f589176a42c441a9470933ee6debe8d4

    • SSDEEP

      98304:uK6ns2cff2LHrXimMvYybk+SONsritIj+xTexiNQDI:uK6ns2cmfXiV3g+7C2tIj+xm/DI

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks