General

  • Target

    0bcf2312bca54fdd1eedd208fdf3acc65dabc3a5280dc66a6104acfb9ce5075b.exe

  • Size

    349KB

  • Sample

    241217-d77htszqgj

  • MD5

    385c365182211087bf0e77c5ef47c677

  • SHA1

    14522cfc1d1735d63fe54182bf2cc0d761a58ef9

  • SHA256

    0bcf2312bca54fdd1eedd208fdf3acc65dabc3a5280dc66a6104acfb9ce5075b

  • SHA512

    fa61d6efbd1786ae9375c80ee8d4c26e7bfeaee83fbac378dfc5331cf0cb51a76eff7d244d2fb62f7f0022d994950c973b30f05e6c9370aed947e0c7af55d192

  • SSDEEP

    3072:zr8WDrChywK6kYeK6oMfSuPb41Zy1nYlpmb5WY0B3SI1BC+Pd31fuUtPOVVP0j8M:PuS9KxM6urSK9U3oWlWVgahx4D9c+

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
