General

  • Target

    cbca1389e34a385ea67e2c69efc1ff11b2290315c2c6daf9d9c10f5021e153efN.exe

  • Size

    824KB

  • Sample

    241206-m8f7pszphm

  • MD5

    308e000a49164970296733d584933880

  • SHA1

    7d9f690f7dfb7d8af8b72b0bad1be81359127282

  • SHA256

    cbca1389e34a385ea67e2c69efc1ff11b2290315c2c6daf9d9c10f5021e153ef

  • SHA512

    7d737d86c5eec4dbb2704f02c6dda1fd8af9e8ff6a232d60b058fd7e1c5e3b4d01ecccb12d96d508e052a2a885e5c844b4bed8945a3272b29f4d720d94d5e52c

  • SSDEEP

    6144:m9VG8/pelvlWH++XBHSrNvLW1K3vLW1KO:c6lvlW1yrNjImjIB

Targets

    • Target

      cbca1389e34a385ea67e2c69efc1ff11b2290315c2c6daf9d9c10f5021e153efN.exe

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
