General

  • Target

    c2bd04ff5a52d2f39da265ee706430774cb77348cad608b70a43cb422ca598cc.exe

  • Size

    227KB

  • Sample

    250102-anbehavlck

  • MD5

    4e948c27920a1fc94d3e19dfba0e6223

  • SHA1

    8b241afbf2838732440b7d2f155ee15df6b61350

  • SHA256

    c2bd04ff5a52d2f39da265ee706430774cb77348cad608b70a43cb422ca598cc

  • SHA512

    3c9090bac1099bd07ea94d929e84c925d16236f5adb5ed9f238d1ec9aae1a9f4ce6aa767e76165ffd5d766abf6d324ba2f7bf022e1ae95455b7098baca5794bf

  • SSDEEP

    3072:sr85CD7Xk4tSvpPWa6DqhshfPq6r7RjpZPbo0OigDUx7GRyEEObF:k9D7kKSvpUhfV3RjpZaoovh

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar items.
