General

  • Target

    cd96d088f870a2b6b11f67b9fae880c36b85919742242310eb6ed16b7b064023.exe

  • Size

    4.0MB

  • Sample

    241217-lhl5lawmcz

  • MD5

    416eba30bac065a06e9dc846b8deb807

  • SHA1

    2992e7d4cf87a9e67b41f75c14be29a2cfea5996

  • SHA256

    cd96d088f870a2b6b11f67b9fae880c36b85919742242310eb6ed16b7b064023

  • SHA512

    71e80275e741377fb4d53a569b52b6172106685574def18ceafc96dafb4a14fdcf8c4a23b7bc37ceb2a8b62d4c20e3557670a554ae5249fd42995fbdcbb3fa0f

  • SSDEEP

    98304:iTIgwjT16qt5U486uhJRSKXHyTDnep6jupOiYZuoj9ghi1RebMIg9Cbk/V8dEn:ZLgE2RSKXsKpOiYZuojDIg9Cbk/V8S

Targets

    • Neshta

      Malware from the Neshta family infects other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
