General

  • Target

    cc9fa2178f4593d4ed0dceda5253b580984696652ddea2da425fc5b052af30d7.exe

  • Size

    6.0MB

  • Sample

    241218-pg1s5szlgp

  • MD5

    3dc4e173b44e98cdc03918eb0c12a541

  • SHA1

    682904ac75b730354d2c9462f1cd5f5c7fc0ca5f

  • SHA256

    cc9fa2178f4593d4ed0dceda5253b580984696652ddea2da425fc5b052af30d7

  • SHA512

    59afaa9fc1220fbcd72afc7d62a14a1f33331f01ba48fe08d205a30a4167faf2c9b3262d7847a6fbdd858594a0445c5e69183cf7d40c67f1610ad0888819d708

  • SSDEEP

    98304:ln2pTIB5ICr7WUrkTj+vsW/Lzmma7CLP+LZUh:R2p88IrvsW/LzJa7CT+LZUh

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.
