General

  • Target

    37cd2d0344bd26299e00890fc31dcf6bf509856abf5379fe631a22d99faccce7N.exe

  • Size

    291KB

  • Sample

    241216-t2etmawlcj

  • MD5

    9f0d94506273b2df2afefed7f2903c60

  • SHA1

    57dfda3b3630a27b7b3a13d9ebf9c2d7e40f32b4

  • SHA256

    37cd2d0344bd26299e00890fc31dcf6bf509856abf5379fe631a22d99faccce7

  • SHA512

    6935c5b9ceb09defe5980966d7d5e8bce8d4cd205a2b8572112265b917f49d08bbed65e76101ee967f2418058055e62eda9fafa1f9da23d30371cc1b207029f4

  • SSDEEP

    6144:l9fj64MPGxN1UNPxjWKqd1gBp9TBQKi0anxE92S:z64MPGxN1UNpjWKT9T3nanxEkS

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
