General

  • Target

    8c526c95605696609a0dc22be1fbc39e88ff6def3ba05763fc923279b5d0378bN.exe

  • Size

    2.0MB

  • Sample

    241217-bwemkaxkal

  • MD5

    aa6c3a0e709eb4b7b4e072048307bd20

  • SHA1

    c8de9f1bcf5ff9571d2c77075ecb5dc8e08bb36a

  • SHA256

    8c526c95605696609a0dc22be1fbc39e88ff6def3ba05763fc923279b5d0378b

  • SHA512

    4095a0b9a894359f09e64f24123c75fc29c236cb9966fc5ef998ddee5f5b196c68d2e9410586e76dd6b25bd941950795710ab567e8c1123753718465fc2f9d7a

  • SSDEEP

    24576:X/Bq8qiAVKxZn27hSDiPzN5O7kXvk/0eQ3:X/BFmTPJ5O7Ak/0eQ3

Malware Config

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

MITRE ATT&CK Enterprise v15

Tasks