General

  • Target

    c4d19210e1a63393b1c538fb68dd8da81ab01572a1d47f05f9f73a9cc69148fa.exe

  • Size

    425KB

  • Sample

    241126-jpbw4a1qfw

  • MD5

    ae6ea964e8b9f5bf5eb1cbd4f48ae957

  • SHA1

    be15512e4dfbd130e8f2b7eea72e0387aefec080

  • SHA256

    c4d19210e1a63393b1c538fb68dd8da81ab01572a1d47f05f9f73a9cc69148fa

  • SHA512

    318034be14787f16241e4f763b9f2c643787c9f99a88d20f39ad30282f3543af7b590ab1ada49414e7c28ac6bd7a857de89f2dbfa035bdb74c8b47b9d3fc8be2

  • SSDEEP

    6144:m9w3LjxN56PUtMyb9fc8ry5anhW5zjKXsyYtyAYuIxvmvRWZo60l:x3LjL56PUrb99nhIz2lYtO+vRdn

Targets

    • Target

      c4d19210e1a63393b1c538fb68dd8da81ab01572a1d47f05f9f73a9cc69148fa.exe

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
