General

  • Target

    7c2cb3c47a69000605279e9cc663d03b0264ae7e962d5bdca840454c39d9f907.exe

  • Size

    186KB

  • Sample

    241217-jyc6hsvldv

  • MD5

    f85b22fd938cbdd1b71def715bd0e868

  • SHA1

    ba81a110782b938c3ab716cd2d2ba7427120752b

  • SHA256

    7c2cb3c47a69000605279e9cc663d03b0264ae7e962d5bdca840454c39d9f907

  • SHA512

    320d4275621722026e6d633d1f7f335044f108cf665118011caa5743eb47f3504f2f5b5c04be25849478a1e531a8cf36ab130334c9ceb735cd8a7c1aca6c500c

  • SSDEEP

    3072:sr85CkkbAYn2GgYlBYN2fHYTo+n2t8wDSRUTDr85C5:k9xbAMpgY3gTa8DRUTf95

Targets

    • Target

      7c2cb3c47a69000605279e9cc663d03b0264ae7e962d5bdca840454c39d9f907.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
