General

  • Target

    74752adcaf6ecd179cf571b30ed7bfa19270823fe04b9c16ec430b1f6a7facb4.exe

  • Size

    4.1MB

  • Sample

    241217-xwat9swmfj

  • MD5

    899ab0eaa4cac80481eb131a0dc6d8e9

  • SHA1

    e9d2b484e36339fc8e5a6517ad3d601564645d4a

  • SHA256

    74752adcaf6ecd179cf571b30ed7bfa19270823fe04b9c16ec430b1f6a7facb4

  • SHA512

    02db493ed9595b2587c8e38a0028d06abd40a8444bfda8356b137c352c1b590f688b71c33b615e93485cce87fc1284212f49b9bb4f540f2f462415f1d730042d

  • SSDEEP

    49152:Vdnt0/GwloE4GvCsB67nL7Xx8W9xam38mfUFxhf0ThnUdcauu0jwKXBT8opQQ7Vo:DtWZlwOeUxL0S

Targets

    • Target

      74752adcaf6ecd179cf571b30ed7bfa19270823fe04b9c16ec430b1f6a7facb4.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files with its own code in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
