General

  • Target

    d839915193eab8f88ad050940b2b3a1ed2da808c9d32708e2df8480b80a5e99f

  • Size

    1.5MB

  • Sample

    241108-fd62baykdl

  • MD5

    05c979a8fa4dac85a9d475e0ce0d5178

  • SHA1

    b20574e45d53ad02fdb7470401c34122bdc2cf1f

  • SHA256

    d839915193eab8f88ad050940b2b3a1ed2da808c9d32708e2df8480b80a5e99f

  • SHA512

    31e5e31475be6678b316c692f7a5ce72ac3d32567eb70353bcf1947ea1b8c5b022505c89c5a71d63e7f2c8bd93b944cfd1b9880462d15e8d4c81428f86f2207b

  • SSDEEP

    12288:HxmLsH/9acgrTOv9a380uz5TPBNH4IscGV0YXfFcSk/5esq7yJ:HxmmgrTI880ulH4IsnV0GdcSk/5Pq7I

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
