General

  • Target

    888e49a1cc87128b2d58cd7b46ee343cfe603d6bede334fa12d466fbef866364N.exe

  • Size

    186KB

  • Sample

    241217-pse1tayrfz

  • MD5

    39983e2afcac9ebce83b38a6d81e80b0

  • SHA1

    bd526fbce7cfc56eaa25c767507bba81d6557d7c

  • SHA256

    888e49a1cc87128b2d58cd7b46ee343cfe603d6bede334fa12d466fbef866364

  • SHA512

    f5c1d9b893038839cd84991d5a0bd4a37e954618c658660b78b8751c4aa233c31796fe39c55e410349f5299566005093410053ec005cfbf33d94c935d697b748

  • SSDEEP

    3072:sr85CkkbAYn2GgYlBYN2fHYTo+n2t8wDSRUTDr85C:k9xbAMpgY3gTa8DRUTf9

Malware Config

Targets

    • Target

      888e49a1cc87128b2d58cd7b46ee343cfe603d6bede334fa12d466fbef866364N.exe

    • Size

      186KB

    • MD5

      39983e2afcac9ebce83b38a6d81e80b0

    • SHA1

      bd526fbce7cfc56eaa25c767507bba81d6557d7c

    • SHA256

      888e49a1cc87128b2d58cd7b46ee343cfe603d6bede334fa12d466fbef866364

    • SHA512

      f5c1d9b893038839cd84991d5a0bd4a37e954618c658660b78b8751c4aa233c31796fe39c55e410349f5299566005093410053ec005cfbf33d94c935d697b748

    • SSDEEP

      3072:sr85CkkbAYn2GgYlBYN2fHYTo+n2t8wDSRUTDr85C:k9xbAMpgY3gTa8DRUTf9

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks