General

  • Target

    6b86c0637393f57009dc0dad508ef5ea9e9aa61ae3623beec1cc02378c778889

  • Size

    236KB

  • Sample

    241028-avq4jatmbt

  • MD5

    f26f3c26853ebcd46a8115922dad182f

  • SHA1

    105f3e531cd7f199fd8cd1f4db3131fabf4c8471

  • SHA256

    6b86c0637393f57009dc0dad508ef5ea9e9aa61ae3623beec1cc02378c778889

  • SHA512

    9c734ad860b19f6ff545bb58e7ee5c75a600f32d9f0675253690efb3733002d7980ba1a98638fe5acb1df21b967c7a5baa220709d3fec381da401e3baf6807aa

  • SSDEEP

    3072:sr85C/b8pzFZ7GwCuRw1usPynJaH9HXkqKCjpEiBBT19PQplqQA/lf+o7O:k9ezFWuRwIDnJs3sCjeiLTHQOrRO

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
