General

  • Target

    48816e60572478ba47b0ce26fc2b561ab564f19b3d36e886cc629d13cc341958

  • Size

    1.6MB

  • Sample

    241215-1tk41ayme1

  • MD5

    3f02604a89cc3888495e756ae7a6c1a4

  • SHA1

    ed455655e707ba4963b0ec2175a96ff37daa5bc0

  • SHA256

    48816e60572478ba47b0ce26fc2b561ab564f19b3d36e886cc629d13cc341958

  • SHA512

    5e25a44a09b23b059a6a4b5821389585480358e443532ac7a867f6841cc2d5014f98e67dc473791e4b93ec7cd93dbf4b06aa35c921a8c922a9c00f2030134d84

  • SSDEEP

    49152:khWSGltAJskBJiKlhmQ3OWJ0Wylj2t7ZAPZ8dzB:khWStdLJ0WyljsAPk

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
