General

  • Target

    f3d1b3d36f594fef0b3492abcde35cce7a1bd1b864be841ffc5990e6937f576c.exe

  • Size

    1.8MB

  • Sample

    241219-bvzw4s1kby

  • MD5

    296084ece33f26a7592686290839baf0

  • SHA1

    718805ac49e7fc3ff809aa57641d6ed963b60801

  • SHA256

    f3d1b3d36f594fef0b3492abcde35cce7a1bd1b864be841ffc5990e6937f576c

  • SHA512

    d52141120eab954b52d5055e7cefb22e47d31e8b9cf81ca6809696db2f4f31d6d625c024c3d6f953ed600e8a5d234147e8f8d74dfae6185d4061dfa375bfa746

  • SSDEEP

    6144:k9k/uXEnYjMgrB9aQHzqEgRgeAOYs73ptq2xcqC4PQB3O23dXj:WWYowTqXWs7322xc14PO3O23d

Malware Config

Targets

    • Target

      f3d1b3d36f594fef0b3492abcde35cce7a1bd1b864be841ffc5990e6937f576c.exe

    • Size

      1.8MB

    • MD5

      296084ece33f26a7592686290839baf0

    • SHA1

      718805ac49e7fc3ff809aa57641d6ed963b60801

    • SHA256

      f3d1b3d36f594fef0b3492abcde35cce7a1bd1b864be841ffc5990e6937f576c

    • SHA512

      d52141120eab954b52d5055e7cefb22e47d31e8b9cf81ca6809696db2f4f31d6d625c024c3d6f953ed600e8a5d234147e8f8d74dfae6185d4061dfa375bfa746

    • SSDEEP

      6144:k9k/uXEnYjMgrB9aQHzqEgRgeAOYs73ptq2xcqC4PQB3O23dXj:WWYowTqXWs7322xc14PO3O23d

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks