Overview

overview

10

Static

static

10

Update.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Update.exe

  • Size

    2.3MB

  • Sample

    250123-se1l5stkds

  • MD5

    062edb3464378eee157f157328cc187f

  • SHA1

    d4a4e6c7f222ecc72566c5e16e6fe1695ace97ff

  • SHA256

    5dfe5a25a9143133f263ba85ed196a82f500cdc04d9ac9ff95ce38b6c42e4bc9

  • SHA512

    fc51e060b2f8acea82eb76499e40f7b058c8994632d5a96e6ea49fba15aa9f3c1bf06b637c63f8405590ba18a31cd034893e2a8ec2055b2eba19d5134f440e75

  • SSDEEP

    24576:g7R5yse7DsuDvK+iDKDruSZAcZdwLWrShB0icDfXP0JCnC7tyZenVLC7Z3k/ICn:g7R5W7DNK+UZyicDf/0JCCx2Z3eH

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      Update.exe

    • Size

      2.3MB

    • MD5

      062edb3464378eee157f157328cc187f

    • SHA1

      d4a4e6c7f222ecc72566c5e16e6fe1695ace97ff

    • SHA256

      5dfe5a25a9143133f263ba85ed196a82f500cdc04d9ac9ff95ce38b6c42e4bc9

    • SHA512

      fc51e060b2f8acea82eb76499e40f7b058c8994632d5a96e6ea49fba15aa9f3c1bf06b637c63f8405590ba18a31cd034893e2a8ec2055b2eba19d5134f440e75

    • SSDEEP

      24576:g7R5yse7DsuDvK+iDKDruSZAcZdwLWrShB0icDfXP0JCnC7tyZenVLC7Z3k/ICn:g7R5W7DNK+UZyicDf/0JCCx2Z3eH

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Executes dropped EXE

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks