General

  • Target

    c53465e676c760cb21cf0924d9aa7c86a82583fb58527be7c381660a7c4eb3e9.exe

  • Size

    1.3MB

  • Sample

    240725-glgl3avfkg

  • MD5

    22ea886ab65911ed88536eefcf31207c

  • SHA1

    8c3790d77641d1c750d3cf5faf832e54e322feea

  • SHA256

    c53465e676c760cb21cf0924d9aa7c86a82583fb58527be7c381660a7c4eb3e9

  • SHA512

    7da3bb1955d91297bfa234bd3e706da7990008372dcbfb9fd18fc01fec8632d9c19748d3a57eb7555ed08109ad488f1c01bc9b278788ea6dd2b82853c6fb1f94

  • SSDEEP

    24576:yKAN7MDBVaEJT84t6ve/K03KzStZdnQYwHFeP8x7PQhdrQdE2ttiJA:yKe7OVje7ve/HxQYwlWa7S4t1

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
