General

  • Target

    baeeb0d9018a2301a1829081723ad4a4f1cdad6a98a79929ed0827dc13368d80

  • Size

    1.7MB

  • Sample

    241218-fc3mhavmhq

  • MD5

    cef4de7c99d3ff29e9a2ce92009bcc52

  • SHA1

    d261615f91577e98f4042aed8949630329f2b114

  • SHA256

    baeeb0d9018a2301a1829081723ad4a4f1cdad6a98a79929ed0827dc13368d80

  • SHA512

    8ea107b4048ea98cbe1ae4f5f678a45ff7db7cb1566f101045a959bb9c1031ba88a1c7ef1cd151c38c5a053b999bffe3203ddad2bc6b59398df705d78b7e6479

  • SSDEEP

    24576:wMbIrWZr9B8zCEzyQptfV5BK6J/KO0176qQy:ZAYr9B8eEuQPdl0tp

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
