General

  • Target

    3d8b8b84b47772a039f2462d647ba1bc7ef0fe7207a54747d5ed75ea31869203

  • Size

    400KB

  • Sample

    241103-1twwhavkhz

  • MD5

    e802b64b73bba7cccde8881de7e07a86

  • SHA1

    23fa20d49e4fd57f95195b1c15c5d66e867212e2

  • SHA256

    3d8b8b84b47772a039f2462d647ba1bc7ef0fe7207a54747d5ed75ea31869203

  • SHA512

    37a696077c5ca4c119b24f10e32d5f0d41b12d4ee313babd56050a68104e409f3ada83ad5c10a35fd91a295d62f4d410df2ff34ada6c036a6526acd02e977a8e

  • SSDEEP

    3072:sr85Ct/VSrY7KwIoaCi5Z08laASQS5XfMXaZoT+IaKFfa+Hgl8NLyrzcjhMr85C:k94qNA/S5kqGT+dj+Hg0LyrzcjK9
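
The digests above identify the sample; a practitioner handling a copy of it wants to confirm the file on disk is the same one before trusting the rest of the report. The following Python is an added example, not part of the sandbox report: it recomputes the four digests and compares them to the values listed, and it parses the ssdeep signature into its block size and the two chunk hashes, since ssdeep only scores two signatures whose block sizes are equal or differ by a factor of two. The byte string used for the demonstration is a constructed placeholder, not the malware.

```python
"""Verify a candidate file against the digests listed in this report.

Added example, not part of the original sandbox report. REPORTED and
REPORTED_SSDEEP are the values the report lists; the sample bytes used at
the bottom are a constructed placeholder, not the real sample.
"""
import hashlib
import re

REPORTED = {
    "md5": "e802b64b73bba7cccde8881de7e07a86",
    "sha1": "23fa20d49e4fd57f95195b1c15c5d66e867212e2",
    "sha256": "3d8b8b84b47772a039f2462d647ba1bc7ef0fe7207a54747d5ed75ea31869203",
    "sha512": "37a696077c5ca4c119b24f10e32d5f0d41b12d4ee313babd56050a68104e409f"
              "3ada83ad5c10a35fd91a295d62f4d410df2ff34ada6c036a6526acd02e977a8e",
}
REPORTED_SSDEEP = ("3072:sr85Ct/VSrY7KwIoaCi5Z08laASQS5XfMXaZoT+IaKFfa+Hgl8NLyrzcjhMr85C:"
                   "k94qNA/S5kqGT+dj+Hg0LyrzcjK9")


def compute_digests(data: bytes) -> dict:
    """Hex digests of data for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def verify(data: bytes, expected: dict) -> dict:
    """Per-algorithm match result; a single mismatch means this is not the reported file."""
    actual = compute_digests(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


# ssdeep signature layout: <blocksize>:<chunk hash>:<double-chunk hash>
_SSDEEP_RE = re.compile(r"^(\d+):([A-Za-z0-9+/]*):([A-Za-z0-9+/]*)$")


def parse_ssdeep(sig: str) -> tuple:
    """Split an ssdeep signature into (block_size, hash1, hash2)."""
    m = _SSDEEP_RE.match(sig)
    if not m:
        raise ValueError("not an ssdeep signature: %r" % sig)
    return int(m.group(1)), m.group(2), m.group(3)


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep only compares signatures whose block sizes are equal or differ by 2x.

    Anything else scores 0 regardless of content, so check this before
    treating a low score as evidence that two files are unrelated.
    """
    a, b = parse_ssdeep(sig_a)[0], parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    placeholder = b"constructed placeholder bytes, not the sample"  # constructed
    print("matches report:", verify(placeholder, REPORTED))
    print("ssdeep block size:", parse_ssdeep(REPORTED_SSDEEP)[0])
```

Run it against the real file by replacing the placeholder with `open(path, "rb").read()`; every entry in the returned dict must be True before the behaviours listed below can be attributed to the file in hand.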

Malware Config

Targets

    • Target

      3d8b8b84b47772a039f2462d647ba1bc7ef0fe7207a54747d5ed75ea31869203

    • Size

      400KB

    • MD5

      e802b64b73bba7cccde8881de7e07a86

    • SHA1

      23fa20d49e4fd57f95195b1c15c5d66e867212e2

    • SHA256

      3d8b8b84b47772a039f2462d647ba1bc7ef0fe7207a54747d5ed75ea31869203

    • SHA512

      37a696077c5ca4c119b24f10e32d5f0d41b12d4ee313babd56050a68104e409f3ada83ad5c10a35fd91a295d62f4d410df2ff34ada6c036a6526acd02e977a8e

    • SSDEEP

      3072:sr85Ct/VSrY7KwIoaCi5Z08laASQS5XfMXaZoT+IaKFfa+Hgl8NLyrzcjhMr85C:k94qNA/S5kqGT+dj+Hg0LyrzcjK9

    • Detect Neshta payload

    • Neshta

      Neshta is a file-infecting virus family: it writes its own code into other executables so that running an infected program spreads the infection further, and the modified host files may be damaged in the process.

    • Neshta family

    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence check to avoid running on machines in certain regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      Rewrites the shell\open\command handler for .exe files so that a dropped component runs before any program the user launches; public Neshta write-ups describe it placing svchost.com in the Windows directory for this purpose.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and browsing history.
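
The "Modifies system executable filetype association" behaviour above is one that a responder can check for directly, because the Windows default for the exe/com/bat/cmd open command is the fixed string `"%1" %*` and anything else means a program has been inserted in front of every executable launch. The following Python is an added example, not code from the report or from the sample: it parses a `.reg` text export and reports every watched file class whose open command is non-default. The export embedded in it is constructed, with the exefile value modelled on the svchost.com redirection that public write-ups attribute to Neshta.

```python
"""Flag hijacked executable file-type associations in a registry export.

Added example, not part of the original report or of the Neshta sample.
SAMPLE_REG is a constructed .reg export; its exefile value is modelled on
the svchost.com redirection described in public Neshta analyses.
"""
import re

DEFAULT_COMMAND = '"%1" %*'          # Windows default for exefile/comfile/batfile/cmdfile
WATCHED_CLASSES = ("exefile", "comfile", "batfile", "cmdfile")

# Constructed export: exefile has been redirected through a dropped svchost.com.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="C:\\Windows\\svchost.com \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\\system32\\NOTEPAD.EXE %1"
'''

_KEY_RE = re.compile(r"^\[(.+)\]$")
_DEFAULT_VALUE_RE = re.compile(r'^@="(.*)"$')


def _unescape(value: str) -> str:
    # .reg exports escape embedded double quotes and backslashes.
    return value.replace('\\"', '"').replace("\\\\", "\\")


def parse_default_values(reg_text: str) -> dict:
    """Map each key path to its (Default) string value, for keys that set one."""
    values, current = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        key = _KEY_RE.match(line)
        if key:
            current = key.group(1)
            continue
        val = _DEFAULT_VALUE_RE.match(line)
        if val and current:
            values[current] = _unescape(val.group(1))
    return values


def _watched_class(key_path: str):
    # Accept both HKCR\<class>\... and HKLM\SOFTWARE\Classes\<class>\... layouts.
    parts = key_path.lower().split("\\")
    if parts[-3:] != ["shell", "open", "command"]:
        return None
    for cls in WATCHED_CLASSES:
        if cls in parts:
            return cls
    return None


def find_hijacked_associations(reg_text: str) -> list:
    """Return (class, key, command) for each watched class whose open command is non-default."""
    findings = []
    for key, command in parse_default_values(reg_text).items():
        cls = _watched_class(key)
        if cls and command.strip() != DEFAULT_COMMAND:
            findings.append((cls, key, command))
    return findings


if __name__ == "__main__":
    for cls, key, command in find_hijacked_associations(SAMPLE_REG):
        print(f"[!] {cls}: {key} -> {command}")
```

On a live host the same check applies to the output of `reg export HKLM\SOFTWARE\Classes\exefile exefile.reg`; a hit on the exefile class is the registry half of the Neshta persistence, and the file it points at is the dropped component worth collecting next.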

MITRE ATT&CK Enterprise v15

Tasks