General

  • Target

    222194685466fcfa1acfa6a1135d6b6b0f2093dfdc16e1faa1fe228fcc657f6d

  • Size

    1.8MB

  • Sample

    241217-zdfnxaykcn

  • MD5

    b2a57829bf508d6bdc1f13035ee89e00

  • SHA1

    fc003983062a9ff565db96a746e97d7955307f25

  • SHA256

    222194685466fcfa1acfa6a1135d6b6b0f2093dfdc16e1faa1fe228fcc657f6d

  • SHA512

    ed267cdc479f5d7f7f36076c02c2a4417c121c79e80578a3bc64830c559a9a026c51de0505d05872bc39823354244d5ed82894c42acd86f1fb72d137661221ea

  • SSDEEP

    6144:k9k/uXEnYjMgrB9aQHzqEgRgeAOYs7Aptq2xcqC4S3O23dXZ:WWYowTqXWs7A22xc14S3O23n

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks