General

  • Target

    e39f51c2875cc72edab6ed991b4e54d204b3d706ee28561e99969ad10ee97b47.exe

  • Size

    161KB

  • Sample

    241211-hxbqmaskhs

  • MD5

    adf8ce1456342eba871ca40b7ef9bebb

  • SHA1

    2dbd917cfc7e89f888ac6926f0ff3ff15ea44070

  • SHA256

    e39f51c2875cc72edab6ed991b4e54d204b3d706ee28561e99969ad10ee97b47

  • SHA512

    8520e8a9546adaa38c6313532445563be2c5cf6d2bbe83ecf089b4ad29c8635bf13172dc8f03e0fb50b1d5bc9f00f708375c167f2d7c8e85e6a22d0c9440bad8

  • SSDEEP

    1536:JxqjQ+P04wsmJCRQh4tE3kgmhTXAEpXEgmghi2MhPPMpuFsj3YOb:sr85CAmEUgcTXAEpUgy1hPPsuFsTYQ

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
