General

  • Target

    7936996c05471945b0a6daf94b067025a1e1dc5771d6a9779502a888ee25488b.exe

  • Size

    133KB

  • Sample

    241217-h5k92avlhn

  • MD5

    eb516c38a37f9d39933614335ce0d9e7

  • SHA1

    ef0745cb2d6ae175292257065c59c6b29de4e145

  • SHA256

    7936996c05471945b0a6daf94b067025a1e1dc5771d6a9779502a888ee25488b

  • SHA512

    cb6960613437dd86027be50eed23cf99fef66f7619dbfad9999adaaac677f7c46ad98763da0a8d24186afb4297e738a51600cd004a66f8d5f21649b579d74432

  • SSDEEP

    3072:zr8WDrC+c4mZx8Q8Cu1azdzOceGAOHejGk:PudZ9aaz9OcVY

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
