General

  • Target

    760834c5ba58a6a123b9c292ebd049b0N.exe

  • Size

    385KB

  • Sample

    240725-fgtv6azbpr

  • MD5

    760834c5ba58a6a123b9c292ebd049b0

  • SHA1

    d2368ac82279bcaa51e54cb6113bfb16cf8cd633

  • SHA256

    80fba16d8d10e2d271b6d4cd4a0372d23610818135683ae2d7c4e3b7f6690a95

  • SHA512

    07b788668d567aa3bf3dd4d92bf9fd025ab0a8053376924630cbf0c9774bd17ac5ea5f9351f2855b9dbd4503f7cb828e872fec69b07196453f35876ba9405ffd

  • SSDEEP

    6144:k9X0pJEzoJoqmw0/NX/vPPMGMEFiECQBD086QXhaasQuPo0gG:hpaoJoqmw0/NnHaElDd6S7sQoo

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
