General

  • Target

    96a879adcb93aab8473a2fef51ac5b4d976930c29cb4f9d65959d3dd7c407683.exe

  • Size

    2.6MB

  • Sample

    241216-317bxsvmgj

  • MD5

    f43b3d59ebbb84bc7a65017514e32dd8

  • SHA1

    436fa39bb1a4e6fa41cb81a1fa6e1f564d01c030

  • SHA256

    96a879adcb93aab8473a2fef51ac5b4d976930c29cb4f9d65959d3dd7c407683

  • SHA512

    cb538d0a926c0ebe330a0e379fa36725e430a88de3818dd24edba34a1332fdb464c81b5822a8287d46a02589c6609fbe73752f1095046de24ea29bf479d498ed

  • SSDEEP

    24576:Jcg5+B3FcrDCLihtjqHziKSis26X3w/65urcGxAj5CGSsYANkrXv8xilsKmdB1It:Jl0kDiutjqHsw6wrl8Ci4LeilsKmvat

Malware Config

Targets

    • Target

      96a879adcb93aab8473a2fef51ac5b4d976930c29cb4f9d65959d3dd7c407683.exe

    • Size

      2.6MB

    • MD5

      f43b3d59ebbb84bc7a65017514e32dd8

    • SHA1

      436fa39bb1a4e6fa41cb81a1fa6e1f564d01c030

    • SHA256

      96a879adcb93aab8473a2fef51ac5b4d976930c29cb4f9d65959d3dd7c407683

    • SHA512

      cb538d0a926c0ebe330a0e379fa36725e430a88de3818dd24edba34a1332fdb464c81b5822a8287d46a02589c6609fbe73752f1095046de24ea29bf479d498ed

    • SSDEEP

      24576:Jcg5+B3FcrDCLihtjqHziKSis26X3w/65urcGxAj5CGSsYANkrXv8xilsKmdB1It:Jl0kDiutjqHsw6wrl8Ci4LeilsKmvat

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks