General
-
Target
fd2b142799d6d05819c87be874ec6d48cb5e74716424f3984cea910bb6fd865b
-
Size
258KB
-
Sample
241010-eash3ssdml
-
MD5
0afc3ca33755478906ac18b309ea013e
-
SHA1
a031966dd5f3bc24369c2811210d2c15fec3be8f
-
SHA256
fd2b142799d6d05819c87be874ec6d48cb5e74716424f3984cea910bb6fd865b
-
SHA512
6bd75b1cc74c367d35bf0efef8e2fd259da7c508c03c8d708e51d52e7e7988038aca7b9f32c10066b766614025ca1e4e4db6fde86d746f377b06bbe73ac843f7
-
SSDEEP
3072:sr85CeMJhlERLWK+Guae5yUgzn5M8B8DApffLB8DApFEmumT:k9z+RLaoj8Dit8DKLT
Malware Config
Targets
-
-
Target
fd2b142799d6d05819c87be874ec6d48cb5e74716424f3984cea910bb6fd865b
-
Size
258KB
-
MD5
0afc3ca33755478906ac18b309ea013e
-
SHA1
a031966dd5f3bc24369c2811210d2c15fec3be8f
-
SHA256
fd2b142799d6d05819c87be874ec6d48cb5e74716424f3984cea910bb6fd865b
-
SHA512
6bd75b1cc74c367d35bf0efef8e2fd259da7c508c03c8d708e51d52e7e7988038aca7b9f32c10066b766614025ca1e4e4db6fde86d746f377b06bbe73ac843f7
-
SSDEEP
3072:sr85CeMJhlERLWK+Guae5yUgzn5M8B8DApffLB8DApFEmumT:k9z+RLaoj8Dit8DKLT
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1