Overview

overview

10

Static

static

10

Desktop.zip

windows7-x64

10

KeyGen crackzerro.exe

windows7-x64

10

asd.txt

windows7-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Desktop.zip

  • Size

    2.5MB

  • Sample

    241210-p75j1s1lgj

  • MD5

    6cae9093a73f80e2af660da2ccd59df5

  • SHA1

    8f61a7135fb86593e0ad448fe40e15214a93ce39

  • SHA256

    f38c909fb6e933cb42c54d204cb8b7bb5166140fde80a4d4c9ec38232ce73726

  • SHA512

    e4e1c7ab8ba81b7269f1ae49a7d6c10b9382a15be84898680e494fe725b498c6dbe69a6bc80bd2929919cd8e9ffd4b4a3d64c84f29f489d5d40f2b3a241c3e05

  • SSDEEP

    49152:a/Jev9V1ZFPsXkERNkamWmLxm6HwurcU4pEyfagxbybJeQdthmLcpoYK8e7GB77G:OiZFePNkjW0xdwC3K7Co2JltRGF8dVVM

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      Desktop.zip

    • Size

      2.5MB

    • MD5

      6cae9093a73f80e2af660da2ccd59df5

    • SHA1

      8f61a7135fb86593e0ad448fe40e15214a93ce39

    • SHA256

      f38c909fb6e933cb42c54d204cb8b7bb5166140fde80a4d4c9ec38232ce73726

    • SHA512

      e4e1c7ab8ba81b7269f1ae49a7d6c10b9382a15be84898680e494fe725b498c6dbe69a6bc80bd2929919cd8e9ffd4b4a3d64c84f29f489d5d40f2b3a241c3e05

    • SSDEEP

      49152:a/Jev9V1ZFPsXkERNkamWmLxm6HwurcU4pEyfagxbybJeQdthmLcpoYK8e7GB77G:OiZFePNkjW0xdwC3K7Co2JltRGF8dVVM

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

    • Target

      KeyGen crackzerro.exe

    • Size

      2.5MB

    • MD5

      e72838eccda2eae29e96b0c572d783c3

    • SHA1

      60f0944ecbd21cf590445c12ba89a2ae48f27a6a

    • SHA256

      f824fdc666630ccb179d9086b79783e3ede76e4392a5edfdd20d93b7259ae061

    • SHA512

      7439902a4f16d29dcc4c749adc40f4541d509e607d915287c6c98f609ef14c4eb99ec507d7e7c853527a6c08628a367b21ae0f066828c2cc8792f2c1a3fa77f8

    • SSDEEP

      49152:IJdf39XFINkWr5kkYe6TdOYz44rcaMJIsjOO/ry3X0EdNZgJAxGEG8CZaFDG5UN:q9XaH5kheKdX4cjuR6q6XTNTI58ZTN

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral2

    • Target

      asd.txt

    • Size

      40B

    • MD5

      58c28bd3e0583c6769a3de3e60bf9877

    • SHA1

      3c114405a31197bf236c1934a0f9a8e5b2234eba

    • SHA256

      f0aa9f4a72641a92dd7fa9cd60904bd8db5e0e624f3de19867fc7bf8497698a6

    • SHA512

      1733261fdc9e92f3705be0f624ca6db93a03bddc4cf71e2ec1dd813d35fe03d943e8c32fc99743cd18e9803a58390eee602a372e359c392558a024f4faa6b3b7

    Score
    1/10
    behavioral3

MITRE ATT&CK Enterprise v15

Tasks