General

  • Target

    b1b0ac9f14c837c0fbec00bba8a658c0N.exe

  • Size

    189KB

  • Sample

    240725-lb59wstbqa

  • MD5

    b1b0ac9f14c837c0fbec00bba8a658c0

  • SHA1

    47499daa16a4344f9c94045a88ae78e31ecdfc24

  • SHA256

    14f3c251ec442ffe7a70f0d554202eba9143b9ea52eb61b546195b560e7abe9c

  • SHA512

    97b088864470d9dc025c9f74bc7bb7102a3f8d0962447860179b597599d10de67dd7b54d3f32018d3802ee9dc56fe8d7fce455f2f25b7913d3aee534250b884d

  • SSDEEP

    3072:sr85Cs08iRQ1G78IVn2sbS7cJN8lt0CiS4omp03WQthI/9S3BZh:k9s0a1G78IVAcjctTiS4ompB9S3BZh

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.
