General

  • Target

    89e404e80904a32bbbe80ddfc72442152c4ba809a35f16caccb093c0d76861fdN.exe

  • Size

    902KB

  • Sample

    241206-t377kasmfj

  • MD5

    0d160056236cdf5920a78c76988f3c30

  • SHA1

    42fce7892045b1f8336159000e67b53270f6642d

  • SHA256

    89e404e80904a32bbbe80ddfc72442152c4ba809a35f16caccb093c0d76861fd

  • SHA512

    544d777d482f62744d0557a2bf5ea0a8b13b82b73ae64b83116fe58a447c8eb5a8c364d3fde46a72bc61e4cb741aebec33953934d2921bf495b86cbe6119b05e

  • SSDEEP

    24576:IhvvVXr99/c2W5wGCC7tZuzhQOZkxJbfv5u3dlAxaKjqbC:SvvVb990d5f7tZuzhQOZkxJbfv5u3dlG

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
