General

  • Target

    265d81abae193073427fc431845dbf0b8ec85cde1b3345b4fdef64bbee095582N.exe

  • Size

    1.6MB

  • Sample

    241207-zfpplaxqfm

  • MD5

    47d004b1dbc6b24e86422681631cabe0

  • SHA1

    36617b5d1ecdf1721beae2059343da2273c2fa75

  • SHA256

    265d81abae193073427fc431845dbf0b8ec85cde1b3345b4fdef64bbee095582

  • SHA512

    bf4b05fc8979d672d49597649bf37633369d572f793e1a8cd3b8ff30c98265b1ee7b9d2222555c45b2f18edccad449638aa539d1eb359472aa619c03193109c9

  • SSDEEP

    24576:yVZTSorVEVDzytegz0vhdNcYYO/SKNj0TJFDv+kkm1v5DL+tnP/svpFSaE:yHjVhEXJYx+kkm1v50nP/UpFSa

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
