General

  • Target

    9f2909c7169f4f02c3d4cafa3092ac0e9553d49a3488cf819a4b5673535417c7.exe

  • Size

    551KB

  • Sample

    241218-1z7vystmex

  • MD5

    35d0835b6d0d0e041d34eaa034f42dbf

  • SHA1

    f929d7d7d91cbeeb74426e8c4493a31bc8bbd9e8

  • SHA256

    9f2909c7169f4f02c3d4cafa3092ac0e9553d49a3488cf819a4b5673535417c7

  • SHA512

    4b02a4b0d98b96eca41275c2b0e7ca2cbb87c87ff3f3f6e6c9939c125c0711af35c460ac5a2f2ea0762211d1ab5a3a08c62c02d90280097df903d4f15ca1dbda

  • SSDEEP

    12288:SDJxfRKHBxIE+Urs4wcp5Q/bP+yTkUpFzApfPhjY:SDPRKHIETrXpCT+kpFzApfPW

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
