General

  • Target

    1b7486abd49698ac808440590ecd91d64ed043274066808a7737d1c03e19b42b

  • Size

    1.6MB

  • Sample

    241216-ytzw2szndj

  • MD5

    3a582c5f152b4d54ca8b8f18ce4e854a

  • SHA1

    64d2e1f724b8e6805a8280499b317c5836404f34

  • SHA256

    1b7486abd49698ac808440590ecd91d64ed043274066808a7737d1c03e19b42b

  • SHA512

    d081adf645f2b951d5ec9f147b1179ada6c64a6bd8efba916168349ef4770170ad3173f3263179ff14b652be5af2c8f6502d28a3212635119a983b7e24e4f0d9

  • SSDEEP

    24576:7RXsDJx4wUPFK5J8mcBYYtp07lNvAxh+BSS9V7g+5EXbX1aIDkI6v:qMwUPgTAYYb07lN4X+d1WbX1as4

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other executable files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
