General

  • Target

    7aa79f0e14c9cb159264bb1bbcfec5702125a21f8718f8cdd1de0aa36b3267daN.exe

  • Size

    7.1MB

  • Sample

    241210-xybjkszmdr

  • MD5

    d58df26275832d2210f044544c896c70

  • SHA1

    65354a0834a6b5a5ce0d84faff91dffa153d2abf

  • SHA256

    7aa79f0e14c9cb159264bb1bbcfec5702125a21f8718f8cdd1de0aa36b3267da

  • SHA512

    a2aa762f192ca2e3f9cfc98c8bb0e54220446cd97949be6f84087dcb312ff427d793156d719fd107613375bebf9592fe7368820cb446885d7448f4d8a39eae6f

  • SSDEEP

    196608:4fb2MSp3Tt6uCGAd1lUA2SPeuplxm2MSp3Tt6uCGAd1lUA2SPeuplx8fKu2MSp3w:AYt6uCGOlUpSPeupXXt6uCGOlUpSPeuY

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
