General

  • Target

    906d9024889c307ff24e056131a5852a9b2a10a23a243a6c39c1f7cff089b33e.exe

  • Size

    1.2MB

  • Sample

    241218-efybhssjaw

  • MD5

    74699cfd768ae55bc7359748be3ea766

  • SHA1

    90f45c9eca58e9c674b9e66e3f5386bc753cfaa5

  • SHA256

    906d9024889c307ff24e056131a5852a9b2a10a23a243a6c39c1f7cff089b33e

  • SHA512

    8e744d867733d1d899e75a6c81ed61dba4c994428da68997340c15f829abf1c6ecf2365f3e26204401bc8c752af1ffd1ecf27a41aa6529090ee81e88bf71e164

  • SSDEEP

    24576:YpYjcVMUGBUBXugzOA21TYGHTA+J3pcn+:aYjcV9XugV21EGzN5X

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
