General

  • Target

    57001a93f3ccec7aa43624ca4d9bebae9a95766de37931e02a2575c3d01b07afN.exe

  • Size

    92KB

  • Sample

    241207-3v1l7awlhm

  • MD5

    0ca7b878ae19e3178bb0543b8660eee0

  • SHA1

    df6b1a4c8b9e931880ffca0349213b43f6e533db

  • SHA256

    57001a93f3ccec7aa43624ca4d9bebae9a95766de37931e02a2575c3d01b07af

  • SHA512

    fbd720afd3a9f0c706899c9424d930392c2b33702db0d8e2712b623e8c35a4f1449d61426223e42775a776831b8ddda212e164532b43170321c1850ab057baf5

  • SSDEEP

    1536:JxqjQ+P04wsmJCqG7LPxqn6yHRcdTBVSjx9p2W8dF7TPxW:sr85Cn/xqn1HRk0F9p78dFfxW

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
