General

  • Target

    ca531ff4e3732d034f4844344ca2402e2eb407353f4c8f43b483ecb020a53d2e.exe

  • Size

    3.1MB

  • Sample

    241210-lvxrvsxpap

  • MD5

    5f102eae71088eb027e33b6d4e4a6e40

  • SHA1

    d25d8c041436b4f6f0de637c4dabaebbd8c9499f

  • SHA256

    ca531ff4e3732d034f4844344ca2402e2eb407353f4c8f43b483ecb020a53d2e

  • SHA512

    39dcfb6634b307df6169f5b270937a28931a71967674ef6219c956c9ec2f151d336c1eeccf1bdfa505a7ec5a0b879880f3bb79da366261b67ed619f3035a3d61

  • SSDEEP

    49152:HsO/CXZZZZZZZZZZZZZZNz/MrHJ+5fFKL/A7Xb3P1nQsveZWujtFLaJS4BXxqrYc:dCN/fsLOXbf1nQ0qLeenm+D

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.
