General

  • Target

    dee0fbdedeb3df58a3435837843a01d9c811460ee37a6a09b103320bc9bae8b0N.exe

  • Size

    2.3MB

  • Sample

    241218-b9d8ysxlgv

  • MD5

    7044d468183f0d312231ea4c8d2212b0

  • SHA1

    fc1e20f6df55c434159e0feded28d2b054f82739

  • SHA256

    dee0fbdedeb3df58a3435837843a01d9c811460ee37a6a09b103320bc9bae8b0

  • SHA512

    c4e6c6de03bd87040084412e4d26ce15c454d66801c1f1f1153bb542d245531e09dc26034586fe864f2aee6c565eaa9287d2a57ee3cf8a6e73738d871edb38bb

  • SSDEEP

    24576:vtDCmvRryL788Nilnsztr3xJ/xzQlfx5qDgFC+txj6wM0k8wGO:1CmvRXLS13/xzQhxMDiXt/Op

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.
