General

  • Target

    1f8b73b9a494525297c68d6a958bb3ec56db79e0a4ea31c51789edaae1ce200c.exe

  • Size

    150KB

  • Sample

    241206-s8cr6s1jcj

  • MD5

    c6d4ebc79863d03968c5eead6828b3cd

  • SHA1

    4b320bb1d8c7a4ef05dbdc5027b88a538acd1a00

  • SHA256

    1f8b73b9a494525297c68d6a958bb3ec56db79e0a4ea31c51789edaae1ce200c

  • SHA512

    d9d523a06288dc90d1f186d54017b2389db8bbf91ace1faa8d5b58fa21b77d5e81730ec38a596c30750a3d3e458df2fa914cd1570c01ba0f1cf977fbd2de887d

  • SSDEEP

    1536:JxqjQ+P04wsmJCh4wZzFtO79SrT8+tgpdhXW9ySQf1M03fR/Livh0:sr85ChNFSSPY8YSWu03fR/e0

Malware Config

Targets

    • Target

      1f8b73b9a494525297c68d6a958bb3ec56db79e0a4ea31c51789edaae1ce200c.exe

    • Size

      150KB

    • MD5

      c6d4ebc79863d03968c5eead6828b3cd

    • SHA1

      4b320bb1d8c7a4ef05dbdc5027b88a538acd1a00

    • SHA256

      1f8b73b9a494525297c68d6a958bb3ec56db79e0a4ea31c51789edaae1ce200c

    • SHA512

      d9d523a06288dc90d1f186d54017b2389db8bbf91ace1faa8d5b58fa21b77d5e81730ec38a596c30750a3d3e458df2fa914cd1570c01ba0f1cf977fbd2de887d

    • SSDEEP

      1536:JxqjQ+P04wsmJCh4wZzFtO79SrT8+tgpdhXW9ySQf1M03fR/Livh0:sr85ChNFSSPY8YSWu03fR/e0

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks