General

  • Target

    18bf198363b0f6a65fd36dba8fbf843de49087eca757e84e2b3cda10419704c4.exe

  • Size

    1.4MB

  • Sample

    241217-24cfaa1rdy

  • MD5

    b469e9c90af3d7684e5b0e0c3374bf3a

  • SHA1

    d77d0c47628b89d9710bbb126429237726b3e8d9

  • SHA256

    18bf198363b0f6a65fd36dba8fbf843de49087eca757e84e2b3cda10419704c4

  • SHA512

    8959a3ed70bfe07a7a8d4d44d4c4ca6b988f3c5db2fd86009bdcbdfb82c04002b6689a80825b233afa9b5cc43130493c9b385478a76b5fc5229a70fd651e7c4a

  • SSDEEP

    24576:Mh3QCxH+ORg5Ep0c6fe0tTEtfufO1pLofVukuJ4QqRk4u2+jKvwcbaiRaY2dLEIe:Mhhg5EuJfHt3fO1pcNukuMk4unmbHUYP

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
