General

  • Target

    a9c3af9831a8f5a8d92a86ffd4ef74e2e4860781827a13dc45f869a9147b0697

  • Size

    2.0MB

  • Sample

    241123-cnkpaavrbs

  • MD5

    5be42619d4c412aa007cb4a27e7653c7

  • SHA1

    2e20c1b0787a1409e0a7e2f0aa10a35c37a76c73

  • SHA256

    a9c3af9831a8f5a8d92a86ffd4ef74e2e4860781827a13dc45f869a9147b0697

  • SHA512

    a5b9b9ae11d8c813ef5c4c6e91c20d6679024289d19e791b302bd955488146453384d4625232c6e753b9531e3b760eea9bf048c511a8b86d28dbb91493806453

  • SSDEEP

    24576:G4Pa40x4OHpKQRDDxgH3qu4xbBeSeZMMkqZFObM3VRiVMqamf5hP/PddxwslTZB0:hC4OhqybQSFM6KHiKUf5h/1hT798kAAQ

Malware Config

Targets

    • Neshta

      Malware from the Neshta family infects other executable files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks