General
-
Target
5757ed7d28120533e52c0647f70f755ce4006c648d8093da1c95d7b3bbcc6e8e
-
Size
326KB
-
Sample
220214-epgp5aeeh4
-
MD5
76241781712f8730a127b36435fe7980
-
SHA1
29c654231751b7016db60ea04a1601e204fad164
-
SHA256
5757ed7d28120533e52c0647f70f755ce4006c648d8093da1c95d7b3bbcc6e8e
-
SHA512
8bd69bdfefa2e7b9a9aaa6616afc9f72af70bf0ab4ce6daa2d385f46c8e2d1f9bfe3cff1b61b40378ef271fc9b5482d0c3418198e54e51eb242d0947f2a1401c
Malware Config
Targets
-
-
Target
5757ed7d28120533e52c0647f70f755ce4006c648d8093da1c95d7b3bbcc6e8e
-
Size
326KB
-
MD5
76241781712f8730a127b36435fe7980
-
SHA1
29c654231751b7016db60ea04a1601e204fad164
-
SHA256
5757ed7d28120533e52c0647f70f755ce4006c648d8093da1c95d7b3bbcc6e8e
-
SHA512
8bd69bdfefa2e7b9a9aaa6616afc9f72af70bf0ab4ce6daa2d385f46c8e2d1f9bfe3cff1b61b40378ef271fc9b5482d0c3418198e54e51eb242d0947f2a1401c
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-