General
-
Target
f000e16cdac8fe0a19fa2fb4982686a3314bd51ef0f3c39035fda0a86bbb5851N
-
Size
207KB
-
Sample
241012-3p67saxgra
-
MD5
58bc7e5c926f98984c8ef96239189860
-
SHA1
80ff3e8c1d600620b55788edc633d12d6951fd5c
-
SHA256
f000e16cdac8fe0a19fa2fb4982686a3314bd51ef0f3c39035fda0a86bbb5851
-
SHA512
ccfaf932df9dee6271bebfda0388741ec1f9aa1711d84861197862329a5d551e02f32af3ba8c2d33259463c7af3ff1cead0b3c88c2ce6495b88fa7ba1d0a4dbf
-
SSDEEP
3072:sr85CeaMkr+K3+GuIcen5i/B8DAptm7B8DApFEqfd:k9zMkad/8Dx98DKJ
Malware Config
Targets
-
-
Target
f000e16cdac8fe0a19fa2fb4982686a3314bd51ef0f3c39035fda0a86bbb5851N
-
Size
207KB
-
MD5
58bc7e5c926f98984c8ef96239189860
-
SHA1
80ff3e8c1d600620b55788edc633d12d6951fd5c
-
SHA256
f000e16cdac8fe0a19fa2fb4982686a3314bd51ef0f3c39035fda0a86bbb5851
-
SHA512
ccfaf932df9dee6271bebfda0388741ec1f9aa1711d84861197862329a5d551e02f32af3ba8c2d33259463c7af3ff1cead0b3c88c2ce6495b88fa7ba1d0a4dbf
-
SSDEEP
3072:sr85CeaMkr+K3+GuIcen5i/B8DAptm7B8DApFEqfd:k9zMkad/8Dx98DKJ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1