General
-
Target
a49db87bc9c9a7bc0c39e5cd054d29d35e5bd955b9674951dbad559281426a7e.exe
-
Size
366KB
-
Sample
250208-f4fxtaxpdx
-
MD5
757917358bea89089d88eec41da105e9
-
SHA1
ee7781fe8bd5904f2b5f724f892e8fe296fde35d
-
SHA256
a49db87bc9c9a7bc0c39e5cd054d29d35e5bd955b9674951dbad559281426a7e
-
SHA512
2e6a28a183e168c7f5ddb9501ef138478774dc5b40dc22bf010f5b9afda408367b7c0caa4ac1aa62599a9e77a7df2ee324dcfce2693bb946be1d73aef859e289
-
SSDEEP
6144:k9lyVayioacLiYwPVLLqro+2jydhygKbN+Znu3D+sXOENm2eK7mnoUSgpAY8ODcB:ayVMoacLiYwtLLr+sydfKbCnu31lNDH3
Malware Config
Targets
-
-
Target
a49db87bc9c9a7bc0c39e5cd054d29d35e5bd955b9674951dbad559281426a7e.exe
-
Size
366KB
-
MD5
757917358bea89089d88eec41da105e9
-
SHA1
ee7781fe8bd5904f2b5f724f892e8fe296fde35d
-
SHA256
a49db87bc9c9a7bc0c39e5cd054d29d35e5bd955b9674951dbad559281426a7e
-
SHA512
2e6a28a183e168c7f5ddb9501ef138478774dc5b40dc22bf010f5b9afda408367b7c0caa4ac1aa62599a9e77a7df2ee324dcfce2693bb946be1d73aef859e289
-
SSDEEP
6144:k9lyVayioacLiYwPVLLqro+2jydhygKbN+Znu3D+sXOENm2eK7mnoUSgpAY8ODcB:ayVMoacLiYwtLLr+sydfKbCnu31lNDH3
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1