General

  • Target

    38b473190c3e9a4ed55bdcadb00708157f028f55d22d4ac8de54f88d40f1dc99N.exe

  • Size

    1.8MB

  • Sample

    241216-xbnkmaykbq

  • MD5

    f099d69cd972b6ee0fbd09aed29b62b0

  • SHA1

    1e3a97a7b81c2057efbaea08d3ab7c60bb4a9758

  • SHA256

    38b473190c3e9a4ed55bdcadb00708157f028f55d22d4ac8de54f88d40f1dc99

  • SHA512

    c67fee3fbcc5268ac6fd1bbbb82477e5f3080b5b4646af652b42d8bba6d7fd2f8b2cc6625e1c038328736fa5440c030a20f91efe1043274231416955195dcf64

  • SSDEEP

    49152:SIV3R3F9DfcEBULZQGuZ0QMln2j3dt/c7rPf:dF9DRBCmRZ1MN2P/c7rPf

Malware Config

Targets

    • Target

      38b473190c3e9a4ed55bdcadb00708157f028f55d22d4ac8de54f88d40f1dc99N.exe

    • Size

      1.8MB

    • MD5

      f099d69cd972b6ee0fbd09aed29b62b0

    • SHA1

      1e3a97a7b81c2057efbaea08d3ab7c60bb4a9758

    • SHA256

      38b473190c3e9a4ed55bdcadb00708157f028f55d22d4ac8de54f88d40f1dc99

    • SHA512

      c67fee3fbcc5268ac6fd1bbbb82477e5f3080b5b4646af652b42d8bba6d7fd2f8b2cc6625e1c038328736fa5440c030a20f91efe1043274231416955195dcf64

    • SSDEEP

      49152:SIV3R3F9DfcEBULZQGuZ0QMln2j3dt/c7rPf:dF9DRBCmRZ1MN2P/c7rPf

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks