General
-
Target
b0f991cf5289dad243910275738d27f88c261d5d8372ab7326572b48814565bc
-
Size
516KB
-
Sample
220124-bnw7mshdf8
-
MD5
ab7e9029d356c8b464d1d9809bbddba7
-
SHA1
7e3fe0cee4b0d0005556d030da77eabfed1ebb58
-
SHA256
b0f991cf5289dad243910275738d27f88c261d5d8372ab7326572b48814565bc
-
SHA512
e9fdd9640f32befca60b23f60739043014cc184e7c09b906258f694d3febcb7168f835acf594853df57cc42d1f7832949bedd7614cc524f79871f6e4e4637943
Malware Config
Targets
-
-
Target
b0f991cf5289dad243910275738d27f88c261d5d8372ab7326572b48814565bc
-
Size
516KB
-
MD5
ab7e9029d356c8b464d1d9809bbddba7
-
SHA1
7e3fe0cee4b0d0005556d030da77eabfed1ebb58
-
SHA256
b0f991cf5289dad243910275738d27f88c261d5d8372ab7326572b48814565bc
-
SHA512
e9fdd9640f32befca60b23f60739043014cc184e7c09b906258f694d3febcb7168f835acf594853df57cc42d1f7832949bedd7614cc524f79871f6e4e4637943
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Sodin,Sodinokibi,REvil
Ransomware with advanced anti-analysis and privilege escalation functionality.
-
Sodinokibi/Revil sample
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-