General

  • Target

    4750acf5a744622dbdeb5427fd75b5280186c54ef51c60a7b723000fc8a612f5N.exe

  • Size

    5.5MB

  • Sample

    241208-an7spsxmgq

  • MD5

    4e03ba3afaeb72b04214e768a7616cc0

  • SHA1

    b49fc7602ba94a7156940367f58a31b65fabd40c

  • SHA256

    4750acf5a744622dbdeb5427fd75b5280186c54ef51c60a7b723000fc8a612f5

  • SHA512

    df7e4c2124598f725f2e44a1c04dd680f2334937ae6903c7f772ef74fb9c224d7a694d109e217f00f672a08166593c36bfe30b36c7775fd76175925282c088cc

  • SSDEEP

    49152:lA6CTj/yNEc+HQ4errUYEZTRtdJRgtiEtezF6cEJjjJEBWY0xXGf64uzdTnmKe4I:lt+c9zaltX/SjjJESDgmTlI

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
