General

  • Target

    57cc89044a3d371a8c43dc99bf7191dfe2a70630d135b4e93045186438859039.exe

  • Size

    1.1MB

  • Sample

    241206-q5dtyszqbx

  • MD5

    2d81ece33de75e1df251a4606a2560ac

  • SHA1

    23fb8fc6db796d96d7f9fbb382462c8f8838657a

  • SHA256

    57cc89044a3d371a8c43dc99bf7191dfe2a70630d135b4e93045186438859039

  • SHA512

    b28d58b79546953f426cd2df8a18007a854c0b07355c0a6e65d257665131dcc899c0c877bd2cc16f144ee36b847aaa39b0ccb13f587b3e2ee28d18957552fea7

  • SSDEEP

    24576:vP/2prmxQFLaiXuEPDRdOATHJsv6tWKFdu9C8azTLUsm:+RRPDbJsv6tWKFdu9CZTAh

Targets

    • Target

      57cc89044a3d371a8c43dc99bf7191dfe2a70630d135b4e93045186438859039.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
