General
-
Target
01aa7103d89a8098737b1a4d9f500025bd1988b660e929b463dca5d56cb46bee
-
Size
386KB
-
Sample
220223-bkv56shdhr
-
MD5
da98c96e1082214b71812e82587c26b3
-
SHA1
98aba160392f372d7c4d90db84219d2d351405cf
-
SHA256
01aa7103d89a8098737b1a4d9f500025bd1988b660e929b463dca5d56cb46bee
-
SHA512
4502c5f40c820ab87a104bb569edea25ef9d12b0f383ffbd0ecc9065433b7b27fe8d8fe9e3d2c50a6e3941e61db5c599d4468f2711f25813de750ab8fc454ae6
Malware Config
Targets
-
-
Target
01aa7103d89a8098737b1a4d9f500025bd1988b660e929b463dca5d56cb46bee
-
Size
386KB
-
MD5
da98c96e1082214b71812e82587c26b3
-
SHA1
98aba160392f372d7c4d90db84219d2d351405cf
-
SHA256
01aa7103d89a8098737b1a4d9f500025bd1988b660e929b463dca5d56cb46bee
-
SHA512
4502c5f40c820ab87a104bb569edea25ef9d12b0f383ffbd0ecc9065433b7b27fe8d8fe9e3d2c50a6e3941e61db5c599d4468f2711f25813de750ab8fc454ae6
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-