General
-
Target
16701b1d928303cc2650f744a92e36476caa7f30e438e4bde838afd79c5f1f8d
-
Size
874KB
-
Sample
220609-apm5pachb5
-
MD5
bd65430d5eebaf8c3b138c3eb687eaac
-
SHA1
132eacad4beacf273225020f41fa58136bd45804
-
SHA256
16701b1d928303cc2650f744a92e36476caa7f30e438e4bde838afd79c5f1f8d
-
SHA512
c960b4dbe36aae3b4dda857b66529d83d84b95254473d98ecd0993694eea86cdfbca91b28c4b7073190fd5c2dc58c4abd66be6b5fa34f11c6766121a88a3adcd
Malware Config
Targets
-
-
Target
16701b1d928303cc2650f744a92e36476caa7f30e438e4bde838afd79c5f1f8d
-
Size
874KB
-
MD5
bd65430d5eebaf8c3b138c3eb687eaac
-
SHA1
132eacad4beacf273225020f41fa58136bd45804
-
SHA256
16701b1d928303cc2650f744a92e36476caa7f30e438e4bde838afd79c5f1f8d
-
SHA512
c960b4dbe36aae3b4dda857b66529d83d84b95254473d98ecd0993694eea86cdfbca91b28c4b7073190fd5c2dc58c4abd66be6b5fa34f11c6766121a88a3adcd
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-