General
-
Target
Invoice_payment#4235353.exe
-
Size
830KB
-
Sample
211204-h15g4sddd7
-
MD5
8390dbd2aed000c3616a6fc518057a47
-
SHA1
e9b071b1f338731ce6b21f7df211ea30992c5421
-
SHA256
5ee8c049f220802261888bad2f582cf2b0f96f2fe5e843e79fccbab7ac06e114
-
SHA512
50e2188589c8ad3d129a0870bad7937b3dc74b6e416db39ff8125817a0985637777f8c78650800aea6341ea65cf436470c2dcc29ec6d0401b428cebb49fe6eb4
Malware Config
Targets
-
-
Target
Invoice_payment#4235353.exe
-
Size
830KB
-
MD5
8390dbd2aed000c3616a6fc518057a47
-
SHA1
e9b071b1f338731ce6b21f7df211ea30992c5421
-
SHA256
5ee8c049f220802261888bad2f582cf2b0f96f2fe5e843e79fccbab7ac06e114
-
SHA512
50e2188589c8ad3d129a0870bad7937b3dc74b6e416db39ff8125817a0985637777f8c78650800aea6341ea65cf436470c2dcc29ec6d0401b428cebb49fe6eb4
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-