General

  • Target

    4437c5de7cc9dbebbf1d91456b1a630b272dc70a538121e57fc1d97a749a03c2N.exe

  • Size

    286KB

  • Sample

    241216-jjgkds1kby

  • MD5

    99bd77eb964e18f431c5a919245511b0

  • SHA1

    e9148e5c3abfc449869f205d6c67e5f62d2c33ca

  • SHA256

    4437c5de7cc9dbebbf1d91456b1a630b272dc70a538121e57fc1d97a749a03c2

  • SHA512

    5da874fa1c2758f5c24fe09673fefeb0b3a01bfe2721cdad98325a58c9ea89db5574f7448e4d8ad7a1d534375a2ed6096e92426938461d77da668157a5ed2219

  • SSDEEP

    6144:l9SSAMPGxN6IMWkv8zk6ZYMb9TBReyfzqAnyS+8DZ:aSAMPGxN6IM9v8z79TPpzqW1+eZ

Targets

    • Target

      4437c5de7cc9dbebbf1d91456b1a630b272dc70a538121e57fc1d97a749a03c2N.exe

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
