General

  • Target

    ef7f06df7425df3af23658429247e62f3fcedc8f8165094d7104d67e40b296beN.exe

  • Size

    1.3MB

  • Sample

    241216-xx7kmayjcz

  • MD5

    1d1d737e0bac00355ca69ac479917390

  • SHA1

    e000f38006271bd9012934f3ac593209ee06c7e5

  • SHA256

    ef7f06df7425df3af23658429247e62f3fcedc8f8165094d7104d67e40b296be

  • SHA512

    61360ff7636868c9b3ff214519e8457c02ff01f7493ee9d8e1b40de874db079970d94e762229589106462ea1ff040e3c90761f4529e5f8aefc535fbfac0bcc00

  • SSDEEP

    24576:xK78SzsMZCRMp8nFNJ3dcj7zql5Tnoo6WOnLpymOovCce36Ft6pAlxzIBaGq2JA:xK783MoXnFv3dcj7q5LsLp3CceMuczXV

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Neshta is a file infector. It copies itself into the Windows directory, prepends its own body to other .exe files so that launching an infected program re-runs the infector, and registers itself as the handler for the .exe file type so that it runs ahead of every executable the user starts. The result is an infection that spreads to executables across the host and damages the files it touches.

    • Neshta family

    • Event Triggered Execution: Image File Execution Options Injection

      Adversaries may establish persistence or elevate privileges by executing malicious content triggered by Image File Execution Options (IFEO) debuggers: a Debugger value set under the IFEO key for a program name is launched in place of (or ahead of) that program.

    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence so the sample can decide whether to run on this host.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      Changes the registry handler for the .exe file type (HKLM\SOFTWARE\Classes\exefile\shell\open\command) so that the malware runs before any executable is launched. On a clean system that value is exactly "%1" %*; anything prepended to it is a hijack. This maps to ATT&CK T1546.001, Change Default File Association.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.
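The three persistence signatures above (IFEO injection, COM hijacking, and the .exe file-association change) all leave registry evidence that can be checked offline from a .reg export of the suspect host. The following script is an added example written for this report, not code from the sandbox or from the sample: it parses a .reg export and flags each of the three conditions. The export text it runs on is constructed for illustration (the paths and the CLSID are made up), not data from this sample's run.

```python
"""Audit a Windows .reg export for the persistence techniques listed in
this report: IFEO Debugger values, per-user or user-writable COM servers,
and a hijacked .exe file association. Added example; not from the report."""
import re
from typing import Dict, List, Tuple

RegTree = Dict[str, Dict[str, str]]          # key -> {value name -> data}
Finding = Tuple[str, str, str]               # (technique, key, data)

# Constructed .reg export used as sample input. The CLSID and file paths are
# invented; the exefile handler mirrors the style of hijack this report flags.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"C:\\Windows\\svchost.com\" \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="C:\\Users\\Public\\updater.exe"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{0d2c1c7a-1f2e-4b8f-9c3a-5e6f7a8b9c0d}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Roaming\\shell.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\shell\open\command]
@="%SystemRoot%\\system32\\NOTEPAD.EXE %1"
'''

# A value line is either @=... (default value) or "name"=...
_VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')

# Locations a non-admin user can write to; a COM server living there is suspect.
USER_WRITABLE = ('\\users\\', '\\appdata\\', '\\temp\\', '\\programdata\\', '\\public\\')


def _unescape(s: str) -> str:
    """Undo .reg string escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text: str) -> RegTree:
    """Parse a .reg export into {key: {value_name: data}}.
    REG_SZ data is unquoted; dword:/hex: data is kept verbatim.
    The default value is stored under the empty name ''."""
    tree: RegTree = {}
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';'):
            continue
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
            if key.startswith('-'):          # [-key] deletes a key; nothing to audit
                key = None
                continue
            tree.setdefault(key, {})
            continue
        m = _VALUE_RE.match(line)
        if key is None or not m:
            continue
        name = _unescape(m.group(1)) if m.group(1) is not None else ''
        data = m.group(2)
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            data = _unescape(data[1:-1])
        tree[key][name] = data
    return tree


def audit(tree: RegTree) -> List[Finding]:
    """Return one finding per suspicious key, in export order."""
    findings: List[Finding] = []
    for key, values in tree.items():
        k = key.lower()
        default = values.get('', '')

        # T1546.001: the .exe handler on a clean system is exactly "%1" %*.
        # Anything prepended (e.g. a dropped svchost.com) runs before every .exe.
        if k.endswith('\\classes\\exefile\\shell\\open\\command') and default.strip() != '"%1" %*':
            findings.append(('exefile association hijack', key, default))

        # T1546.012: a Debugger value under IFEO\<program> is launched instead of <program>.
        if '\\image file execution options\\' in k:
            dbg = next((v for n, v in values.items() if n.lower() == 'debugger'), None)
            if dbg is not None:
                findings.append(('IFEO debugger injection', key, dbg))

        # T1546.015: HKCU CLSID server entries override HKLM for that user, and a
        # server DLL/EXE in a user-writable path is the classic hijack pattern.
        if '\\clsid\\{' in k and k.rsplit('\\', 1)[-1] in ('inprocserver32', 'localserver32'):
            if k.startswith('hkey_current_user\\') or any(p in default.lower() for p in USER_WRITABLE):
                findings.append(('COM hijacking', key, default))
    return findings


if __name__ == '__main__':
    for technique, key, data in audit(parse_reg(SAMPLE_REG)):
        print(f'[{technique}] {key} -> {data}')
```

To use it against a real host, export the relevant hives with `reg export HKLM\SOFTWARE\Classes out.reg` (and the IFEO key and HKCU\Software\Classes) on the suspect machine, then pass the file contents to parse_reg. Legitimate software does set IFEO Debugger values (developer tools, some accessibility utilities), so treat that finding as a lead to check the referenced binary's hash and signer rather than as proof of compromise.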

MITRE ATT&CK Enterprise v15

Tasks