General
-
Target
2a06a8fe962bde4303a91b7e97c866e9eeee7b5791447b1f3aa454bc85ca1d0b
-
Size
1.4MB
-
Sample
220524-ds5qpahbep
-
MD5
5bea547d481e34579ed99c98c10fe9ca
-
SHA1
173da3d03c8553976950f99d2d5424cb54bec13a
-
SHA256
2a06a8fe962bde4303a91b7e97c866e9eeee7b5791447b1f3aa454bc85ca1d0b
-
SHA512
66576e7e9bd403d111851403981d9fc846e3c28e82e9698909b5acbd2bd12ce4aef1dec8a8bd93380316ad8691e601ce560736d4045581ab19cbeb4646634dd1
Malware Config
Targets
-
-
Target
2a06a8fe962bde4303a91b7e97c866e9eeee7b5791447b1f3aa454bc85ca1d0b
-
Size
1.4MB
-
MD5
5bea547d481e34579ed99c98c10fe9ca
-
SHA1
173da3d03c8553976950f99d2d5424cb54bec13a
-
SHA256
2a06a8fe962bde4303a91b7e97c866e9eeee7b5791447b1f3aa454bc85ca1d0b
-
SHA512
66576e7e9bd403d111851403981d9fc846e3c28e82e9698909b5acbd2bd12ce4aef1dec8a8bd93380316ad8691e601ce560736d4045581ab19cbeb4646634dd1
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-