General
-
Target
8e5a93dca3418e5db9c39fa88da062aed0b0c54bc3c2f15eeab1417a12c41d48
-
Size
1018KB
-
Sample
220524-dvs5nsdhd2
-
MD5
addd72cda10085492a769f580e1a9c41
-
SHA1
a134595721480708910dfd66bb75aed3d25bc19c
-
SHA256
8e5a93dca3418e5db9c39fa88da062aed0b0c54bc3c2f15eeab1417a12c41d48
-
SHA512
2fda1d34ac1abbf91a86e22529956291bfda825931f4a7d7407f699bd94d77263ef6fca136d75820e8593dcc781bbea2f8ae5a322ffb2e99c1461e5d118f79c0
Malware Config
Targets
-
-
Target
8e5a93dca3418e5db9c39fa88da062aed0b0c54bc3c2f15eeab1417a12c41d48
-
Size
1018KB
-
MD5
addd72cda10085492a769f580e1a9c41
-
SHA1
a134595721480708910dfd66bb75aed3d25bc19c
-
SHA256
8e5a93dca3418e5db9c39fa88da062aed0b0c54bc3c2f15eeab1417a12c41d48
-
SHA512
2fda1d34ac1abbf91a86e22529956291bfda825931f4a7d7407f699bd94d77263ef6fca136d75820e8593dcc781bbea2f8ae5a322ffb2e99c1461e5d118f79c0
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-