General

  • Target

    9f0f5c2c6951bea6ab8f644f4e3c592e75ea9d7193a611aa74575de4767bf84b.exe

  • Size

    1.9MB

  • Sample

    241218-b3z7vaxjdz

  • MD5

    076def8610a2502f461d83df8050d5ab

  • SHA1

    97fd4130ac728f95b1e339580095c5a4542eb223

  • SHA256

    9f0f5c2c6951bea6ab8f644f4e3c592e75ea9d7193a611aa74575de4767bf84b

  • SHA512

    9ba0eef0fd948227b2920981968528203db39c31361570fce2e30647f52df4a1039424b024cbda08a66fd031e07cc13bc5d8b0fb716438dbb2facb18c5747061

  • SSDEEP

    24576:XH96TOG3Zuiohx37zYH39xTEhZjtUip1Cmv9/YPPCyHXxIzA/PbL1ghO+l1D4BuH:tWLomo/wx/PeZSB/xmp/

Malware Config

Targets

    • Target

      9f0f5c2c6951bea6ab8f644f4e3c592e75ea9d7193a611aa74575de4767bf84b.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks