General

  • Target

    0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977

  • Size

    1.8MB

  • Sample

    241217-ydbvaawjax

  • MD5

    938aed087a343f6177ffe5f8ba3944a3

  • SHA1

    660715046a506d3995cd87c9f5628c3db029f06b

  • SHA256

    0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977

  • SHA512

    354bd6f1a1ce8f73d815b891a10887a204c897ddbd0e98699e0323cde38a8aa96a82804064679503502b6ee3609765530ea10eb4bb103403954ecf407b1c3df3

  • SSDEEP

    49152:uWwO7RVi/cnQD2OOJOhFhKONotW6mTZTeklSgCGYnnC3I7:uWh7Li/WyvhcgT8goC3S

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other executable files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks
