General

  • Target

    c52c856ade2a66b770370fbb444523fe4dd3a4a278757208e057de705c320e46.exe

  • Size

    1.5MB

  • Sample

    241218-edmf8s1raz

  • MD5

    df7d7d92a2a26661684561ebad7cf925

  • SHA1

    558420293da7b922fecf4082add96db69c91449b

  • SHA256

    c52c856ade2a66b770370fbb444523fe4dd3a4a278757208e057de705c320e46

  • SHA512

    336299afeaf4ba09a759eeadde9180fbe6618f53a82b7a1be135db38ef16a4c7037cda88912318c7309052d12ed4a373b6ccfde48cbdb3192d18219319e0fafc

  • SSDEEP

    24576:Ycaibe3sWnKj9c+lAOHNmeFB8UF1Jk3uj+7:YcaUe37Kj9xVmW3jj+7

Targets

    • Target

      c52c856ade2a66b770370fbb444523fe4dd3a4a278757208e057de705c320e46.exe

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.
