General
-
Target
148c9a67398d13c9501318540298c073651e99a865f77b06796ba11f9624ebae.exe
-
Size
1.0MB
-
Sample
250207-3eg5xavjbp
-
MD5
90c982df76b49f9ad6ec6447c88eabf8
-
SHA1
faad7619ed3ea976432fe070159872e385721d37
-
SHA256
148c9a67398d13c9501318540298c073651e99a865f77b06796ba11f9624ebae
-
SHA512
7bdef5722a1f18b3e1ff134cfc4a7eb30449b1b6d6e95fd81301f9f914fefadc1d91d1a8d8314e475c54a438ece1f831f61136c3a1ede45325e73b977aa0b2a2
-
SSDEEP
12288:mGuWJeQxdaKxeeFBtQFCl17E4pOVwBXmeLdKBDkffOBews:m7WJNcNeBQFC/Q4GwN
Malware Config
Targets
-
-
Target
148c9a67398d13c9501318540298c073651e99a865f77b06796ba11f9624ebae.exe
-
Size
1.0MB
-
MD5
90c982df76b49f9ad6ec6447c88eabf8
-
SHA1
faad7619ed3ea976432fe070159872e385721d37
-
SHA256
148c9a67398d13c9501318540298c073651e99a865f77b06796ba11f9624ebae
-
SHA512
7bdef5722a1f18b3e1ff134cfc4a7eb30449b1b6d6e95fd81301f9f914fefadc1d91d1a8d8314e475c54a438ece1f831f61136c3a1ede45325e73b977aa0b2a2
-
SSDEEP
12288:mGuWJeQxdaKxeeFBtQFCl17E4pOVwBXmeLdKBDkffOBews:m7WJNcNeBQFC/Q4GwN
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1