General

  • Target

    f44d3bbb0fe2941d8f58ba561ffdf4bda1c527fa49c87404da10f819d638823c.exe

  • Size

    3.0MB

  • Sample

    241211-hhetqs1pcy

  • MD5

    d4e007b55d1f4d4da0e2c3b5d9e9a2c2

  • SHA1

    0bee851e5c48b5e99c1813ebce27dc40c6960a12

  • SHA256

    f44d3bbb0fe2941d8f58ba561ffdf4bda1c527fa49c87404da10f819d638823c

  • SHA512

    bcd3d8f851e1e99d623a12cb725baf5ab68877b0fe666d29e8e4ec1b62e7caa53a159b32abf5151c825e6f00de3f6628f4bdcacf5bb530b509bad37d931be6f9

  • SSDEEP

    98304:3duTq1Gf2JQU6c5LLk07csJoj9ghi1RebM390bYV/x:ksXxFJojD390bYVZ

Malware Config

Targets

    • Target

      f44d3bbb0fe2941d8f58ba561ffdf4bda1c527fa49c87404da10f819d638823c.exe

    • Size

      3.0MB

    • MD5

      d4e007b55d1f4d4da0e2c3b5d9e9a2c2

    • SHA1

      0bee851e5c48b5e99c1813ebce27dc40c6960a12

    • SHA256

      f44d3bbb0fe2941d8f58ba561ffdf4bda1c527fa49c87404da10f819d638823c

    • SHA512

      bcd3d8f851e1e99d623a12cb725baf5ab68877b0fe666d29e8e4ec1b62e7caa53a159b32abf5151c825e6f00de3f6628f4bdcacf5bb530b509bad37d931be6f9

    • SSDEEP

      98304:3duTq1Gf2JQU6c5LLk07csJoj9ghi1RebM390bYV/x:ksXxFJojD390bYVZ

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks