General
-
Target
tmp/b3fa4a1b-268f-49b2-9a04-47f6550e1a9a_1009.exe
-
Size
3.6MB
-
Sample
211228-fpxl1scacp
-
MD5
0df509291dbe0de01efd4e59b5c3b2dc
-
SHA1
06e97544849ce889a83e3c4f5bc74c99971d668d
-
SHA256
bae433ef175b58fde659d4c84a8bd8d6625f75b3d7b56b4771c6dbb377d03efa
-
SHA512
3e9383ee1ec55c980c1570f89ff3be76d62b2714553a04bd5deb2d3e373bb6e5afbaf5cd8a64dd3635e49d281af39a2b081cac1a3ea653e92ba03c5d668c40b5
Malware Config
Targets
-
-
Target
tmp/b3fa4a1b-268f-49b2-9a04-47f6550e1a9a_1009.exe
-
Size
3.6MB
-
MD5
0df509291dbe0de01efd4e59b5c3b2dc
-
SHA1
06e97544849ce889a83e3c4f5bc74c99971d668d
-
SHA256
bae433ef175b58fde659d4c84a8bd8d6625f75b3d7b56b4771c6dbb377d03efa
-
SHA512
3e9383ee1ec55c980c1570f89ff3be76d62b2714553a04bd5deb2d3e373bb6e5afbaf5cd8a64dd3635e49d281af39a2b081cac1a3ea653e92ba03c5d668c40b5
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-