General

  • Target

    7afbf5fba30cd025ff53c5206627d174e2deb87f5449a1a9fecc0a74af0a06cf

  • Size

    566KB

  • Sample

    241125-arssystngj

  • MD5

    1f84dd61791594b173784b9ac575243d

  • SHA1

    2d7628545c1aae4f1e069147c259cea67593963a

  • SHA256

    7afbf5fba30cd025ff53c5206627d174e2deb87f5449a1a9fecc0a74af0a06cf

  • SHA512

    6d8685161c335d3b3e5dd7c5927fdc4cd9959bb8cf8bb892a4579794961aef833ced16f167a86faf7224c1807cd4c19b39c57bda8716987a2eff5be8fdd549ad

  • SSDEEP

    6144:PuocviY2Df2nbx0AmcPdYmdpoBIUH0KpaOp58losyGEGyFbH:vca520AmpnpTp58loDGEGyFbH

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
