General

  • Target

    57d2af018d311c3200fb90ddfa98c7d135a5b47ef5be18b24b9437246d560d4d.exe

  • Size

    119KB

  • Sample

    241210-q1mw3asjgk

  • MD5

    c8fe0cbb22e121d304ad118f602b3cbe

  • SHA1

    32a097c720e4d310984f7fa8e5735f8273a6cf81

  • SHA256

    57d2af018d311c3200fb90ddfa98c7d135a5b47ef5be18b24b9437246d560d4d

  • SHA512

    12132bf92c008d9df1ce160cfae589ac42bda06160e3e29e690de87f1d6d9e5274fda171beda5241d6731622a997103ccc3c3aabeabe8d047ce791ea1d7ca663

  • SSDEEP

    1536:JxqjQ+P04wsmJCbF+oIjVhhPoSeFB2D9X/42dX49uSxNy5fuAOKzxiTQl:sr85CbQp5hhPo9FMX/4eI9RNZAOKl

Targets

    • Target

      57d2af018d311c3200fb90ddfa98c7d135a5b47ef5be18b24b9437246d560d4d.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
