General
-
Target
6a511d4178d6d2f98f8af34311d0e15dc8dc1c4b643e6943f056da6ce242e70d
-
Size
374KB
-
Sample
220201-bwmyyaegdk
-
MD5
3b447099ca280dabd22d36f84ebfd3bb
-
SHA1
49fd831a738b21ee0a1b3b62cd15801abe8c32d5
-
SHA256
6a511d4178d6d2f98f8af34311d0e15dc8dc1c4b643e6943f056da6ce242e70d
-
SHA512
e5868ab37bf39245a8bf8cc0db65276c4f11f8183db1451ff08766735cd8bdfbf4977001e376b7f2cad7de05ecb2706baa819c7d8f5fdf1bbd4ec76c824857ac
Malware Config
Targets
-
-
Target
6a511d4178d6d2f98f8af34311d0e15dc8dc1c4b643e6943f056da6ce242e70d
-
Size
374KB
-
MD5
3b447099ca280dabd22d36f84ebfd3bb
-
SHA1
49fd831a738b21ee0a1b3b62cd15801abe8c32d5
-
SHA256
6a511d4178d6d2f98f8af34311d0e15dc8dc1c4b643e6943f056da6ce242e70d
-
SHA512
e5868ab37bf39245a8bf8cc0db65276c4f11f8183db1451ff08766735cd8bdfbf4977001e376b7f2cad7de05ecb2706baa819c7d8f5fdf1bbd4ec76c824857ac
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-