General

  • Target

    7d74e7fcf8286e71afcba82ab266a8f3b66aaa75a8712c2bd7b95e5cc7c60310.exe

  • Size

    745KB

  • Sample

    241217-fh3jpaslcn

  • MD5

    72080c55231805dfc612569ec2c9161e

  • SHA1

    ea73ee2b1bfae1f7288b36e92ed128dc8db7f23b

  • SHA256

    7d74e7fcf8286e71afcba82ab266a8f3b66aaa75a8712c2bd7b95e5cc7c60310

  • SHA512

    fb720182bed1154a4c1aaf1e3bf0bba1e6ad26b17ca5fe8664c62572c4917a702819122ad44ca31f968a39c513517d6bc2735304965d0b6282f8956245d40439

  • SSDEEP

    12288:spUFRUgC6xu63uGNzcwC6GwWsRrA2SMgbbd5wDBp0ZUXaSmW6wc:spaRU2xPuGNzysibbd5wDBp7Xu

Malware Config

Targets

    • Target

      7d74e7fcf8286e71afcba82ab266a8f3b66aaa75a8712c2bd7b95e5cc7c60310.exe

    • Size

      745KB

    • MD5

      72080c55231805dfc612569ec2c9161e

    • SHA1

      ea73ee2b1bfae1f7288b36e92ed128dc8db7f23b

    • SHA256

      7d74e7fcf8286e71afcba82ab266a8f3b66aaa75a8712c2bd7b95e5cc7c60310

    • SHA512

      fb720182bed1154a4c1aaf1e3bf0bba1e6ad26b17ca5fe8664c62572c4917a702819122ad44ca31f968a39c513517d6bc2735304965d0b6282f8956245d40439

    • SSDEEP

      12288:spUFRUgC6xu63uGNzcwC6GwWsRrA2SMgbbd5wDBp0ZUXaSmW6wc:spaRU2xPuGNzysibbd5wDBp7Xu

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks