General

  • Target

    34d968670c2cef8f0e1e7f1dffc385eb50b484ba2eab8b0319f040a8eb97fe59N.exe

  • Size

    436KB

  • Sample

    241207-f4bm4axrgx

  • MD5

    69e724ef8f3dae6b436277980f271990

  • SHA1

    c538f7dcd0e334a300cf878764ae12ad28f96c09

  • SHA256

    34d968670c2cef8f0e1e7f1dffc385eb50b484ba2eab8b0319f040a8eb97fe59

  • SHA512

    67a60d02b3d54a6aedeea698399f74f898557c130c71f11d61125108e6d8d6bbe830213f5eb0d243664135c63d8b0e02fcdc7a8d30ced2eb513e6d92d48fab3d

  • SSDEEP

    6144:w9PP9ckZj/AHx+/KfglxANSWYsSjohjPWuzh+oi+OXryWMk2rcRX2E41:8PakZj/AHAyf/8Pjowc4oi7x2rcY1

Targets

    • Target

      34d968670c2cef8f0e1e7f1dffc385eb50b484ba2eab8b0319f040a8eb97fe59N.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.
