General

  • Target

    95baa418c823d4acef47613f1a31d98060c92d5c5f1cc87866994ea88ce768d3.exe

  • Size

    7.2MB

  • Sample

    241206-rlj3asxlbj

  • MD5

    197a0347d0e132fc862fdbe8fff8b913

  • SHA1

    e1e01239b5567ddaa50f9b66b9e20eadca5f1c9b

  • SHA256

    95baa418c823d4acef47613f1a31d98060c92d5c5f1cc87866994ea88ce768d3

  • SHA512

    9beaed6044c229914b2ba29f83a1e9a3b4fe766255d89990e5f77cb7366a03045bc82f039404a890cec68cc76cfc4a5196592addeade8174b0fb96305a6d9926

  • SSDEEP

    196608:Ye4cH6mibEdWLfvnEQFwbBEPbaJzQX1zt9y8T7wUbGLa7/E:mcHM4MDEkOBEPwzc1z9TZ/E

Targets

    • Target

      95baa418c823d4acef47613f1a31d98060c92d5c5f1cc87866994ea88ce768d3.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
