General

  • Target

    42259cd0fbeb28badd9b9b6eaeb6ccd7ec0b436e1f0427cfa03a418cc6615f23N.exe

  • Size

    245KB

  • Sample

    241216-sqh68svjfk

  • MD5

    ad638113c5e9adc82d1f35dd1a7ee390

  • SHA1

    f0e193ac78ce3f55cbd859ad66e79d65887b5544

  • SHA256

    42259cd0fbeb28badd9b9b6eaeb6ccd7ec0b436e1f0427cfa03a418cc6615f23

  • SHA512

    2eba8d069624686cb928018885abbf9f0e00ee9eced0538c4a4dde2fd42b82ae4d4dd01f483958d8fcfb501c75b626aee1ad6893ffa4c1b6681ddf10429fdd31

  • SSDEEP

    6144:l9hN5aXpYc/HQS9YNlCUvuUOQwpgHzNJxFb8F:pPaXL9YNlCoHfb8F

Targets

    • Target

      42259cd0fbeb28badd9b9b6eaeb6ccd7ec0b436e1f0427cfa03a418cc6615f23N.exe

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
