General

  • Target

    83c269dd4c164fa7afb445e9b74da34ea925ae34722c767060dab742fdc82385N.exe

  • Size

    258KB

  • Sample

    241111-dt4j1svncn

  • MD5

    2d9e3b4c754272e576a49fb4f22faaa2

  • SHA1

    bf5b5a89de37301e9c5b3ba745475fb211697513

  • SHA256

    90bffebf2f5dd844b5fcfd918d58002fc94c333cf70d2c01d1410cdb35a42178

  • SHA512

    8f6f81515bcb3ec173d386e7e3e084adfbad111ab52c025b3ae22b48991736528f4f1c6a683865f0ecbeee888b2ef9e2c986b1d9ef45b522179fc88a7c605457

  • SSDEEP

    3072:sr85CsgeDfO3lXF8MeIxoBy7mboUMJlb7xauUdYSFvRvYyM3cps2f7pxmL9biOO6:k9Q0iTICOe3MJl5UdYUvYL+I9btOUFl

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
