General

  • Target

    4246a7e6bf470b881ecc5a1d0a8713df0b7b781d00a70fb91148434ad5087375.exe

  • Size

    3.7MB

  • Sample

    241217-3lmc7sspbw

  • MD5

    e90d3ca2b9d99f57cd43ab9fd1e2c638

  • SHA1

    80413fd4a4736888a7416a91619e04c7cf9d865d

  • SHA256

    4246a7e6bf470b881ecc5a1d0a8713df0b7b781d00a70fb91148434ad5087375

  • SHA512

    c2e046291f5a425d2ecccceb477a23fc4c4bf6b0554865436b59d95eadea56e234e4a2ebfcce52ddfdf281be441ed268cafacd30795a4433eacc29bae26dcf9f

  • SSDEEP

    49152:8G71e1Fst+Weyfh6Qof06bhPiZkbESA6szlIMH9Q/f1xW1H9:uSCQubESA6sz+o

Targets


    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
