General

  • Target

    3a4e4cf6ff361409a7dbcc5f8bd2e64b06d3325a04d90124f33500bd246f7ecc.exe

  • Size

    832KB

  • Sample

    241202-jlyxfswlcy

  • MD5

    f25973bbf37be072c3c8a88377e6080b

  • SHA1

    7c4656f5362f09aa92e2393ab1c22f0a534e571d

  • SHA256

    3a4e4cf6ff361409a7dbcc5f8bd2e64b06d3325a04d90124f33500bd246f7ecc

  • SHA512

    171dbbb7e50fdf0ffd94f950b502771b78a44745bb613c0d43eb25d3fb115837a2f7cbe7d352f650a480443a0e09ca5f9670ece01ae1fa1966684778915762f0

  • SSDEEP

    24576:TIE5N3uQNiTN3VekMh9B9px/v3vnh4dmkaRI9JEO:TqQNiTN3aaJl

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

MITRE ATT&CK Enterprise v15

Tasks