General

  • Target

    779daacaea7a7b5ed8ffb5c0598e3ebd98f21ce8de056d33131d69696a4b59d7

  • Size

    89KB

  • Sample

    241218-abwjxatldz

  • MD5

    36912d13ecaa5ed66229a1796528f2dc

  • SHA1

    233a1f81193eb4565d2130381b9ec68d6db1bc4b

  • SHA256

    779daacaea7a7b5ed8ffb5c0598e3ebd98f21ce8de056d33131d69696a4b59d7

  • SHA512

    6a78cb660b5f254a108f08e5c6f006ccf8120a4c6b52d4e32dffc041464d8692b3493a47be47155f2792f88be40d112a402ef3bc83cf700351cc5013c86a967e

  • SSDEEP

    1536:JxqjQ+P04wsmJCe0Phu/xpW2ZCTMJYexWa66uMq0upYFOgJw/0uotnLP+2qqqqqJ:sr85C9PSUTMmey057ew33E

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
