General

  • Target

    059d6d8b7a8ae3ddbb6f29355f594d56543f40bca8a2fd59a1a31382bbe1d496.exe

  • Size

    4.0MB

  • Sample

    241217-h28adstncx

  • MD5

    5202ce2b60bd75239cb6933ea5377700

  • SHA1

    50fc8c5e45ba07553f5116a04e22cdba99fe0a75

  • SHA256

    059d6d8b7a8ae3ddbb6f29355f594d56543f40bca8a2fd59a1a31382bbe1d496

  • SHA512

    5d5a1e5702a84ba6df2b9082bad7315c37bc4cb2e849ebd174cdad1375006ac71ff7d2cf368b3127bb9a17069a8d1925696912f8c2aedc910a9a5622d56668a4

  • SSDEEP

    49152:vDKt5jqtb72StuLh5cyqHo+oDc+HTst7R39JM9wWAToTCN7x/s:L5KLhvN+ooV3ASWQ71s

Targets

    • Target

      059d6d8b7a8ae3ddbb6f29355f594d56543f40bca8a2fd59a1a31382bbe1d496.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
