General

  • Target

    4d8e6d39cb49deb11272c864861d4d1906fad5dcca283c4e7a1d65cf52ddf831

  • Size

    211KB

  • Sample

    241217-18f4lazpcz

  • MD5

    3a89aa713068c01a83d4745524ea7ba6

  • SHA1

    83e630e6e31bf84d4f45761db0483b9e37a50b79

  • SHA256

    4d8e6d39cb49deb11272c864861d4d1906fad5dcca283c4e7a1d65cf52ddf831

  • SHA512

    9679b03f3f075e834af94f2e615cdc2f5f09e393488a4b1f2f9d3f6fcd237b532df1869f10186e1ca24e8cb9151e72f868cdd16c875103efdd2930dc1676779b

  • SSDEEP

    6144:k9eBXeMInVQQU7keNTAH/n+nIrjrONLQ/obW:1BXeMIn+NkgbW

Targets

    • Target

      4d8e6d39cb49deb11272c864861d4d1906fad5dcca283c4e7a1d65cf52ddf831

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
