General

  • Target

    c2d85599ab0faee723c57603639fa4db8e40f4f78cfe6b8f58e41f7138a6b0cb.exe

  • Size

    496KB

  • Sample

    241219-fwzpys1kcm

  • MD5

    8a7221ecd6161f80dd01dba4924f002e

  • SHA1

    c8214c209aa35f95e972f3432a89d0d0a6002882

  • SHA256

    c2d85599ab0faee723c57603639fa4db8e40f4f78cfe6b8f58e41f7138a6b0cb

  • SHA512

    80a0959b5f1aeb535021742d9ed3e15f967cfa5d5293704cb0353c01e7ebb0c743ba50cfedff509d32b1a317b0ad27608e60badf00f3f6900c62f91ea70057f4

  • SSDEEP

    12288:Uptm8so2/Hk3ag2Bmh1RelqxbjZkQlf/U6MRMP6s3+J3QlnioH0adL2LRU4:Qt6yaPmh1RwqxbjZkQlf/U6MRMP6s3+X

Targets

    • Target

      c2d85599ab0faee723c57603639fa4db8e40f4f78cfe6b8f58e41f7138a6b0cb.exe

    • Size

      496KB

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
