General

  • Target

    54a111073e8536cff0041dfaf4f4b910N.exe

  • Size

    242KB

  • Sample

    240725-cktssavfne

  • MD5

    54a111073e8536cff0041dfaf4f4b910

  • SHA1

    82a3ff2875c790d535adc14d0cbefa300365af98

  • SHA256

    b7f2debefe2d96eab1d448d6193a3b57089a06e8eab2ac7b5ffca78c518a087a

  • SHA512

    38952122eb806df0af718b9fbd27136feacc9d776c40fb8c7fac4eab0185a389d107b00e6245ea7dc17c5cdc510565101e7fab6f2de6e92a97607cce9409b5f0

  • SSDEEP

    3072:sr85CdxP1BGQfUiIipfseYCK3xuSsvjhhec:k9dxP3GQfHh/HwcVVhec

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
