General

  • Target

    4e30f39ae6e696ed5ef6dd57a5144bcfde73bea5604179db13da438a33880bd2.exe

  • Size

    98KB

  • Sample

    240725-db7hystgpq

  • MD5

    d6da671d1cb0a8be4874d9fb19f40ab3

  • SHA1

    f74cfb8aa156be19d8ecf862b7f4563363725436

  • SHA256

    4e30f39ae6e696ed5ef6dd57a5144bcfde73bea5604179db13da438a33880bd2

  • SHA512

    58230fd980e814c77d6c0553c23a9fc3ce02e21dca049d7b56267b6df4acb705cddba5bab1bab60a3b94effc71ca0aaf3982446b2c90cc747f4008f7b5468485

  • SSDEEP

    1536:JxqjQ+P04wsmJCpEEt4AwMEz9UQz0QNeRBl5PT/rx1mzwRMSTdLpJPs:sr85Cn45MEyQ5QRrmzwR5Jk

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks