General

  • Target

    305e764e9742cd54e4d09facc7a30d90df2efd8fc6bd25ed5b4edfc0d29cd5ec.exe

  • Size

    669KB

  • Sample

    241226-g5mx7aymas

  • MD5

    3d69ee45cd45ab57abd921a640328cc5

  • SHA1

    ac34afffecd0310a4a8f3938e6d7b65a1de170c4

  • SHA256

    305e764e9742cd54e4d09facc7a30d90df2efd8fc6bd25ed5b4edfc0d29cd5ec

  • SHA512

    7994feb3970c1607e52173b23eaa3d517bfb9341163d880c72477adf9bcfa0a27a0ba072b8e26f72029487540672befda9a34019a38266d961e29bffce6e53e0

  • SSDEEP

    12288:VmgqnIZuYfCYqFet4CovkM7eoHnEeDawvVUdX9Gkrjdny:VWnIZuMCxezot75HZhvVwXr1y

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
