General

  • Target

    5789a61405aa3e50d95b8c0bce6f9988a10346f5952890acedc99d36822b9293N.exe

  • Size

    494KB

  • Sample

    241218-ac233svndj

  • MD5

    a494abdad1986358d15bdd0ab6d1e7a0

  • SHA1

    5501fe90eb97bd72ff00fbd0141d6b57739c35a3

  • SHA256

    5789a61405aa3e50d95b8c0bce6f9988a10346f5952890acedc99d36822b9293

  • SHA512

    7fc21a01e315c225345a6b8cd91ee508830376dd8d7c07c2b75b5c2ac3191b1dc2e07a7a175fd2c5556703b89e15f9ba1971cb1e3ba1aeeacc5dbbfc1ac9328c

  • SSDEEP

    6144:k9p3QZoZTfKbPfK0bwpFolu5cKTB30l4R/928NO:kQ9lu5cKTDS6O

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
