General

  • Target

    7814dbef56a19d4a74c942c493afbab57698427701e8d87c42714a96eb86d180N.exe

  • Size

    82KB

  • Sample

    241216-aktrnswldr

  • MD5

    7d2a0b2ebd083e69961085ca5f6b7930

  • SHA1

    d383a9698693e5c1c1ad7bec098608ddccefd430

  • SHA256

    7814dbef56a19d4a74c942c493afbab57698427701e8d87c42714a96eb86d180

  • SHA512

    9dad60f1b5900973f70e3a2e021dea77506d4afe27913b69cef0322af16796464d06e4942ee7e4ee02636ebd6f0ad610aa06d4276250f07c1faf7b28b753e118

  • SSDEEP

    1536:yxqjQ+P04wsZLnDrCh3lqqfQHIkGlFUVvv/XxA:zr8WDrCh3HgGM3/XxA

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
