General

  • Target

    0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4

  • Size

    201KB

  • Sample

    241216-yeg3pazkgj

  • MD5

    98a8a149332de1598102af4f45ed7347

  • SHA1

    a651ef6471473c09e6afddb5f5a92664301a373e

  • SHA256

    0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4

  • SHA512

    cdb5c5476196e0c346bf8a4674bb23b6794a265f85edce7e3f5778af9fd9112316ff60c14385983b7797c49f0be15e699dc3653c3b708a3b161e8720847fdb15

  • SSDEEP

    3072:sr85CrOeZ/XyHIplTnTpw/8IBwZpRVJEMVDqyJ2z9IDqQT6jO5/X9KxymRximtif:k9/DAIVJ9D3J2z9I+BjyVYo6Y9D

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family injects itself into other executable files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
