General
-
Target
d0dcaa91e51003fa9b9e10980b68f1b11b630ed58d8ceb4ff78befccf381ac5a
-
Size
3.0MB
-
Sample
220524-rcfzaadff7
-
MD5
3d2d9e5eea086ccf3e0710065bb9d4bb
-
SHA1
0a690bb3d55bdea96cf8c5e2c416a68fdbcff0ef
-
SHA256
d0dcaa91e51003fa9b9e10980b68f1b11b630ed58d8ceb4ff78befccf381ac5a
-
SHA512
d39093325004c975cc45aefca5183d7fa836bf18b4a2483606b16e24a162c8b541d3ae6934f34794c1f6d601f4c3928a547d57bc70b316ff900a5f3938e1f004
Malware Config
Targets
-
-
Target
d0dcaa91e51003fa9b9e10980b68f1b11b630ed58d8ceb4ff78befccf381ac5a
-
Size
3.0MB
-
MD5
3d2d9e5eea086ccf3e0710065bb9d4bb
-
SHA1
0a690bb3d55bdea96cf8c5e2c416a68fdbcff0ef
-
SHA256
d0dcaa91e51003fa9b9e10980b68f1b11b630ed58d8ceb4ff78befccf381ac5a
-
SHA512
d39093325004c975cc45aefca5183d7fa836bf18b4a2483606b16e24a162c8b541d3ae6934f34794c1f6d601f4c3928a547d57bc70b316ff900a5f3938e1f004
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-