General

  • Target

    fef03ef3e144c73fbdb047440797c9af1d608575ca07128affa3036dbf5237aa.exe

  • Size

    5.4MB

  • Sample

    241207-nc7kfswkar

  • MD5

    e3a183bb8937dee0e7f88aa28b2c2a0b

  • SHA1

    05e3c30b0c686902ccaadf68fa05809057f6d651

  • SHA256

    fef03ef3e144c73fbdb047440797c9af1d608575ca07128affa3036dbf5237aa

  • SHA512

    f92d864a20b69efaa972c749bd537b858865c978d403a2b704066d9f61fd8e8ec2713dae2985d4d19c0b68d7efdae11d2d6a3846272063fcfbfe9fb1c893b838

  • SSDEEP

    98304:B8P+ore3hUyhZTHJ/wh+9scxSntxDbMAOhe1+zgxa3xWf+RLj:2Pk3hUyhlGznzglZgxcNB

Targets

    • Target

      fef03ef3e144c73fbdb047440797c9af1d608575ca07128affa3036dbf5237aa.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.
