General

  • Target

    c3a8cd83fe41d3759280b59cfeb0946899ad4085b6a55710de6058c33b87b555N

  • Size

    926KB

  • Sample

    241009-c9cksszhrb

  • MD5

    40567c3bb8f377438ad9ade47eda95a0

  • SHA1

    0dc7d859dcc9d6466a88797794ce1c9718119b55

  • SHA256

    c3a8cd83fe41d3759280b59cfeb0946899ad4085b6a55710de6058c33b87b555

  • SHA512

    563707ad6049f488fbfabee76c63ab6fec1da39e688f168c5ab63571702d0d615d8daeb39016f2de938222e7e9fec9fb4d3245a3bd5c3fe2bb66f32ffbced629

  • SSDEEP

    24576:Le7/zHaG7VXkY/WhNlo5QlWm/B1YWhkfc7jMTn+3:o/za2XkaklDkdy

Targets

    • Target

      c3a8cd83fe41d3759280b59cfeb0946899ad4085b6a55710de6058c33b87b555N

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
