General

  • Target

    265c83e4cf1d0a49a36bd78e996e899ca3c7000e94788a158b5fb0af071fca4d

  • Size

    511KB

  • Sample

    241215-ydjvwswmhk

  • MD5

    940babb30629763885dff02ff3795bce

  • SHA1

    6493ac06c2f5e6e3334d216542c8567b0c6c3228

  • SHA256

    265c83e4cf1d0a49a36bd78e996e899ca3c7000e94788a158b5fb0af071fca4d

  • SHA512

    e4ea84ffb6837ffa762be2f814a6c9d557a92401ee1f9d0b108fb3edaf2a78478ae826325fd05ac6f8cfb2c41187997e6a9ed283fb0fe902d237b94c63dcc115

  • SSDEEP

    6144:l9uY5xi183qrsq8e14z8+cUHyYnwgYvSwSXccEq9mjvJrREcrnDC:Dw1BsqdUHyOvYvSwSZEqmFvC

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
