General
-
Target
69b09c1a5293a98eb460ca155a5b216eaf94ad2f377fcf56843205da949be24e
-
Size
562KB
-
Sample
220701-hk222sgeek
-
MD5
4bf385ae946b98e2679998ce449c2474
-
SHA1
c6a097bd4174d9cc319972ef00c22ee891b839f7
-
SHA256
69b09c1a5293a98eb460ca155a5b216eaf94ad2f377fcf56843205da949be24e
-
SHA512
3ed10d09d750f200fc155672c7d7ba21ed4e230cd0eaae4634327770984831c489bb3967e55b263fe54280a47a7c5a5abfad5e627a69a7d7064ce3f4d55c9a9c
Malware Config
Targets
-
-
Target
69b09c1a5293a98eb460ca155a5b216eaf94ad2f377fcf56843205da949be24e
-
Size
562KB
-
MD5
4bf385ae946b98e2679998ce449c2474
-
SHA1
c6a097bd4174d9cc319972ef00c22ee891b839f7
-
SHA256
69b09c1a5293a98eb460ca155a5b216eaf94ad2f377fcf56843205da949be24e
-
SHA512
3ed10d09d750f200fc155672c7d7ba21ed4e230cd0eaae4634327770984831c489bb3967e55b263fe54280a47a7c5a5abfad5e627a69a7d7064ce3f4d55c9a9c
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-