General

  • Target

    c2a2d2af0aeb7c0a1c42ce53b04959db642e43e3cdb0683e192f8fbd0b4211d4

  • Size

    348KB

  • Sample

    241218-fy9ypsvldx

  • MD5

    9dc336749b9e486c3533ccb587bd817a

  • SHA1

    df0259d0b1606cf885a7fe146a6be296a99f21ba

  • SHA256

    c2a2d2af0aeb7c0a1c42ce53b04959db642e43e3cdb0683e192f8fbd0b4211d4

  • SHA512

    923ee651fc173b48d1d605da35744f84bcd9b23b94b40dce506f98df4845546562cb5eaf2feda52e56818a09384b75b71c9c603785c166dbdfc32d0ca4500bf4

  • SSDEEP

    6144:k9qT0tEbH3+hnZpgYfqqmMInVQQU7keNTAH/n+nIrjrDTBiX8P3tJ6:JaEynyMInTT4X8vtJ6

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
