General

  • Target

    3687819aeb88e787233ac2f3db207305f74c2a68f5ee972efe0f76caefd6bfbdN.exe

  • Size

    285KB

  • Sample

    241216-emqj9atjd1

  • MD5

    25e1b91a94bcb17438a3a12b8a45a750

  • SHA1

    7a5767f1b42a419660160634de72f34cba5f9768

  • SHA256

    3687819aeb88e787233ac2f3db207305f74c2a68f5ee972efe0f76caefd6bfbd

  • SHA512

    76381b5656640600bfbd8745cb0b86b921871586d6892bd43a1af94d48cfb6dcedc1675f040c70a0c4fe840e8ebe34a7d837dbd27767f9ff5a4d18ed1c6a72d0

  • SSDEEP

    6144:l9w5oT6FBfHUGwf+AyJLDmb39TBijHwQgKt5TGG:Y5oT6FBfHhw2AyM9ToHPXPyG

Targets

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
