General

  • Target

    4f7c6324012cd96621009476a4e2d0f5cff81036b1df15fc777d38949facedca

  • Size

    5.7MB

  • Sample

    241208-2gqpdsznfp

  • MD5

    4679a5a468770cdf1e2bbcb578ab2545

  • SHA1

    308dc74ab011a35fd4d0deeac2420d7a7691af0a

  • SHA256

    4f7c6324012cd96621009476a4e2d0f5cff81036b1df15fc777d38949facedca

  • SHA512

    1f8682fe62448e5110503130758ff4ee14a2771fb8a2da7199f1e0a9b8d54c0feb787b7e18279f238b6f6582a63c19e7e535f284014a6a1626b42caded1aad12

  • SSDEEP

    49152:nvULOoOzpNyKrHdWf/0Fas4AimrU6OOOOOOAOOOOOOJ17aMJUBfKo:8ZKbhas4arROOOOOOAOOOOOOJ17a7v

Targets

    • Target

      4f7c6324012cd96621009476a4e2d0f5cff81036b1df15fc777d38949facedca

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
