General

  • Target

    7c3a32d13903cdc5224113aa8bd4884a10d57381c2d9c6eb346ed13cc6baa75bN.exe

  • Size

    349KB

  • Sample

    241217-dqmr4azlek

  • MD5

    d1688bb079bb1cfdda7707c87c87edf0

  • SHA1

    10be0b4192e75a98416a013a8a96ecff28a521f6

  • SHA256

    7c3a32d13903cdc5224113aa8bd4884a10d57381c2d9c6eb346ed13cc6baa75b

  • SHA512

    cef481f03241c2c38d2d7a6824a76b4559ae6d31966cd632fa551b7b2fabbe9e8b7dd89eda4543222dd470b6e15a032743ab8856cbde4a5bb4ae0e039442a300

  • SSDEEP

    3072:zr8WDrChywK6kYeK6oMfSuPb41Zy1nYlpmb5WY0B3SI1BC+Pd31fuUtPOVVP0j8M:PuS9KxM6urSK9U3oWlWVgahx4D9cO

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
