General

  • Target

    8c4587422f9367aa4297f9549c6fc2170d89a2ecee42dc195d98ae8c46f70c4f.exe

  • Size

    3.3MB

  • Sample

    241210-y48a6ssmdn

  • MD5

    41a1f31a097c35cf928f7f1d2030b1a2

  • SHA1

    76e2a90108130b23749b4f16fc2112d046506980

  • SHA256

    8c4587422f9367aa4297f9549c6fc2170d89a2ecee42dc195d98ae8c46f70c4f

  • SHA512

    557c98906ab8035b3d7dc025825c490b4c1b5f6da2a13ca791d0983b12ef524d96e945f7a3b6048a53cc61ab5648f34e626e37fcf7256a5cff64c2ec6c21afe2

  • SSDEEP

    49152:LLGgDIQcv1m+mw7GOdJjF9Mh/MUinyZsIxmYDV/wtVCRBrXjUtLyImxwEfySvNO:LLitGUyF5w6BrjULmwSvNO

Targets

    • Target

      8c4587422f9367aa4297f9549c6fc2170d89a2ecee42dc195d98ae8c46f70c4f.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
