General

  • Target

    bc85fa94db083fb3525355fa25819a43a344460004804eeac0d97777109e6d85N.exe

  • Size

    1.4MB

  • Sample

    241218-1gg7kstlbm

  • MD5

    a956f485959137ef9b7a254cdec36b50

  • SHA1

    887ea1a7cb21a21e2ea9b815567738eb8a18564a

  • SHA256

    bc85fa94db083fb3525355fa25819a43a344460004804eeac0d97777109e6d85

  • SHA512

    c9ebde9a06973e456a81f3fc8a2d07d5865e2ad2a2f82220428389496ebf0b60407033ff380924957d329b12f27c48772e91907b30a57d1c7ff31c6d83eccd51

  • SSDEEP

    24576:DyXITj6fU9JxiKq2sBLJfWQ3H4HtHMFobt8rpa11ghiP/XYK:Dy4j6fGhGLJfWQ9Y+peOhiP/XYK

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
