General

  • Target

    aa760c5a9c8fc82258bfcd1a909e38f68c75b427b243139cd2db96185e710dda.exe

  • Size

    909KB

  • Sample

    241211-c5tnhswqgq

  • MD5

    9c28666d25a29f1a5d1d6e06a997bc0f

  • SHA1

    90b347292b2c6c0c2c9f8d4385999f61c0107cbf

  • SHA256

    aa760c5a9c8fc82258bfcd1a909e38f68c75b427b243139cd2db96185e710dda

  • SHA512

    d83511dd8cd6a909bab65ea238b1c54c300654b3ae9b79773f0afa9160cc090f044c78c04180aa78edade32d023f109a0347af384253d32ce51cb9ec4c1f0845

  • SSDEEP

    12288:9hCQhW5n2m1D8NFEIkVHtV+x127MZS7SuMUlCzrik2PIWoVM0MjVKqE+JbG:7yBD8nEIkl6xS8waU8RkoMjVmqG

Malware Config

Targets

    • Target

      aa760c5a9c8fc82258bfcd1a909e38f68c75b427b243139cd2db96185e710dda.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
