General
-
Target
tmp/6065149a-4e5b-4b4f-a1e4-095f1751bf4e_1017.exe
-
Size
855KB
-
Sample
211229-m31ddsdchj
-
MD5
521447b36c3c0b8c123e149e9aee2eb3
-
SHA1
de9cfbd7807bcfef61790670b4e94f2c8d352ac9
-
SHA256
02323ad7d39bea5d5e736d6a66e31840542cf2c75f265b46b501ed2452cef2ce
-
SHA512
cc411a82c357916cd6e6fb52d34ded67c95fe4657da6a07ab3770cb11d601c8dfa28ffe0b10c66962851c22d582e789ad8334af93c5f1fa0df0a3905e571a69b
Malware Config
Targets
-
-
Target
tmp/6065149a-4e5b-4b4f-a1e4-095f1751bf4e_1017.exe
-
Size
855KB
-
MD5
521447b36c3c0b8c123e149e9aee2eb3
-
SHA1
de9cfbd7807bcfef61790670b4e94f2c8d352ac9
-
SHA256
02323ad7d39bea5d5e736d6a66e31840542cf2c75f265b46b501ed2452cef2ce
-
SHA512
cc411a82c357916cd6e6fb52d34ded67c95fe4657da6a07ab3770cb11d601c8dfa28ffe0b10c66962851c22d582e789ad8334af93c5f1fa0df0a3905e571a69b
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-