General

  • Target

    f03fe28a1b0922f10001dd6bde7f42a91ea9b8aa98c577be4a88734243c88994.exe

  • Size

    369KB

  • Sample

    240725-hsbvtsxerf

  • MD5

    d62e4b089848c4ab7acfa49cccf4a890

  • SHA1

    0c9d283a7802a84056e99da4048f3cfad190341f

  • SHA256

    f03fe28a1b0922f10001dd6bde7f42a91ea9b8aa98c577be4a88734243c88994

  • SHA512

    53c3a1449aa21864b4a160458f942363b36633341434b634290d817760ba4f3306291b3b10e5bc83b583f8807881fea3eb71f2768143c1a0423e19b7189c53c6

  • SSDEEP

    6144:k9NNv5HAwT3Js1XD5bPyLShsNlJYRV37wTyPzembIrcvYbJGM:SNBgwT3K5bszJYj7wTsaV

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
