General

  • Target

    c38e6647258d39b300d65b8b306ba33f33d03798f56a56c950403f7f333e0dee.exe

  • Size

    204KB

  • Sample

    241207-hgsn7swqcp

  • MD5

    44cc7a86ecd7a89b2ce22b31c5f01cc5

  • SHA1

    0f5e8a2336b3bc2a256a7528481612a381221be9

  • SHA256

    c38e6647258d39b300d65b8b306ba33f33d03798f56a56c950403f7f333e0dee

  • SHA512

    1aacc19e051812f6c6048ef3d44b63a6c9e2e3cb73d0ee363c0d3ba33ff38cdd0bbd208f005f210c36b770f45118e85985cdf2c48b2f623a6111fee36c0fd9ab

  • SSDEEP

    3072:sr85CqaGCbtrrE0Za9/U7hxTKbfXkdu13jB+MC2R8Fl2Z/GU7ysb5vvIfFrdEkhh:k9qaGGhZa9YTcqwB+3piM

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
