General

  • Target

    f095edd3423076f157d82bf869f709baa7bc272620d4245b3e035282726ee118N.exe

  • Size

    4.0MB

  • Sample

    241217-j7n95swlaj

  • MD5

    b74870add31c96ba25ccc10ea42f8dd0

  • SHA1

    ec768f12f7bb8446cfeec207e73224cd42e8ed45

  • SHA256

    f095edd3423076f157d82bf869f709baa7bc272620d4245b3e035282726ee118

  • SHA512

    1e1816d1fd2a6c1e1525a57439aaf0549b720e0dabfeb7d6584054f2d8c705e40e5294836ab6164b6f9b0504209ab6679a28b63f40140fa5e67148612fd7a27c

  • SSDEEP

    49152:vDKt5jqtb72StuLh5cyqHo+oDc+HTst7R39JM9wWAToTCN7x/:L5KLhvN+ooV3ASWQ71

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
