General

  • Target

    2eb93c4fc2bcf8ed9de92ddae4a565853d61c7d08c206d9e8a3551768a1f4503N.exe

  • Size

    3.7MB

  • Sample

    241207-x7fjwsvkgr

  • MD5

    e7743360d7504c003717a724c7078da0

  • SHA1

    50ddbc01198721da12d3f6940a422c2b6752d29a

  • SHA256

    2eb93c4fc2bcf8ed9de92ddae4a565853d61c7d08c206d9e8a3551768a1f4503

  • SHA512

    b6a83d6db2f18ba56f48e4abbf5f4e24e73d91a01a29d385947cbe72c02a44de891ed8fe37efaa23a08505b4c38a8edc6896126a748bea646e8ece5b245d5968

  • SSDEEP

    24576:ruWNAd6RMEAiQRDz7kxPYTVLM46SgezoLZqtVJW8PNwdnk9zUQABRVBJZOWHjD3e:r06XAB4x8LM46A8Np8PaNlRVBJZo

Targets

    • Target

      2eb93c4fc2bcf8ed9de92ddae4a565853d61c7d08c206d9e8a3551768a1f4503N.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
