General

  • Target

    d3054a35ba63833b396bad4da6ebefe3e2462b7a71d0505d238901ff11e9602f.exe

  • Size

    289KB

  • Sample

    241219-ba7ffszrgj

  • MD5

    1b6faa3e0c833a7282ad648f95d252ae

  • SHA1

    890bfa925df64e62fe49ee6a961723b3ff1efa5a

  • SHA256

    d3054a35ba63833b396bad4da6ebefe3e2462b7a71d0505d238901ff11e9602f

  • SHA512

    ec0dc450c1d350763ce0a3c00740fb6c78a61194eaa30432640375055a18ba54d2a9962ea6f5c88604b943c5191f1ddb1b0165cf742291077615cecbc3836d10

  • SSDEEP

    6144:k9FCc8o7/XhMPMInVQQU7keNTAH/n+nIrjr7AeR:Mj8kOMInseR

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
