General
-
Target
63e8b240b1dc72a039d1475107e361b38225812533f59cfc36e78a2318f6b704N
-
Size
200KB
-
Sample
241012-xkyf7azfqr
-
MD5
6e537dfb72733f240cb6004e53181ed0
-
SHA1
e40d8604b882a054a071adfc729576ef9f71d159
-
SHA256
63e8b240b1dc72a039d1475107e361b38225812533f59cfc36e78a2318f6b704
-
SHA512
daa757ac1ed6ba2976e3730d45405bc4bc0bf328a579f3822a1e6c4bdde4f53bf77cacc148fd27182c4d9f2df0b9fce1b6bf17f9be96e3ede4b3b49434df9eaf
-
SSDEEP
3072:sr85CLfT/o5NAQp/t75GeeDZdyBqvMwv7G+7fAmYuv7:k9LfBQp9VelCet
Behavioral task
behavioral1
Sample
63e8b240b1dc72a039d1475107e361b38225812533f59cfc36e78a2318f6b704N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
63e8b240b1dc72a039d1475107e361b38225812533f59cfc36e78a2318f6b704N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
63e8b240b1dc72a039d1475107e361b38225812533f59cfc36e78a2318f6b704N
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (2)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)