General
-
Target
20b0bc090117ec0dcde7df4002ab3b89dee31103c45e6eece77908324abb4710
-
Size
260KB
-
Sample
220708-wtz6psdgan
-
MD5
1f26e84d20cccb8673f7d6cf86f2a02d
-
SHA1
deeb9c038993ca58456c14744486d3764114f35e
-
SHA256
20b0bc090117ec0dcde7df4002ab3b89dee31103c45e6eece77908324abb4710
-
SHA512
db2b2aaab053003fe9b4d2d7af9a6a740ff21014bd803a4f79193d572265f35a98668f5504692ecd304f48c38eee363415f0c5424841b7245b45fe948a0243a9
Malware Config
Targets
-
-
Target
20b0bc090117ec0dcde7df4002ab3b89dee31103c45e6eece77908324abb4710
-
Size
260KB
-
MD5
1f26e84d20cccb8673f7d6cf86f2a02d
-
SHA1
deeb9c038993ca58456c14744486d3764114f35e
-
SHA256
20b0bc090117ec0dcde7df4002ab3b89dee31103c45e6eece77908324abb4710
-
SHA512
db2b2aaab053003fe9b4d2d7af9a6a740ff21014bd803a4f79193d572265f35a98668f5504692ecd304f48c38eee363415f0c5424841b7245b45fe948a0243a9
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-