General

  • Target

    6d924fa64b1da5ff5b8bf780b70fc860N.exe

  • Size

    229KB

  • Sample

    240725-eqwknsxgml

  • MD5

    6d924fa64b1da5ff5b8bf780b70fc860

  • SHA1

    346d3ae9b162673e14eec28c002369ff23acbf4a

  • SHA256

    d0c083e6b04218dd268843605bb734e95164bba1dba76b60ddc8f618b91a9962

  • SHA512

    06b56d89e9a80b23fd246beac0409a5500705778c305be9f8cf448a39aa26438c1d1c381110075a0bda3ab5640c73e33397e90f4002d385e735c8482d651830e

  • SSDEEP

    3072:sr85CkVAMD8JSJ/K9nBSE2bngM7nNDNNnPUMEGxaJD7egIblkVBgDGGP:k9DEJ/KhAE4xNDNNnPi7eT5ABEV

Targets

    • Target

      6d924fa64b1da5ff5b8bf780b70fc860N.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
