General
-
Target
e7700ea368d2d965058f4844e3264eef66173afb5bb395775a3e7bbb16e89084
-
Size
576KB
-
Sample
221003-yf4yvadae3
-
MD5
5d08004d4fc7198b7bff3edeeb363bb0
-
SHA1
ec5ef53fdec856b6805e38499da0abc64e863476
-
SHA256
e7700ea368d2d965058f4844e3264eef66173afb5bb395775a3e7bbb16e89084
-
SHA512
8ee2575d5e14c605b32534f0ba7d2a8e6663c1a2604508c596b1255194e2483d21a4526e4789bd7ff7b894bf7139b55ed0a2a9a286c617d471e5d3b34cadd2a8
-
SSDEEP
12288:8b94J9MXXi1em6M71qHfgudE0SXedZ6cocvDImUlONWPX/8HaHja2ADy6:88MHYJzKOuoEMlO8MaHjP6
Malware Config
Targets
-
-
Target
e7700ea368d2d965058f4844e3264eef66173afb5bb395775a3e7bbb16e89084
-
Size
576KB
-
MD5
5d08004d4fc7198b7bff3edeeb363bb0
-
SHA1
ec5ef53fdec856b6805e38499da0abc64e863476
-
SHA256
e7700ea368d2d965058f4844e3264eef66173afb5bb395775a3e7bbb16e89084
-
SHA512
8ee2575d5e14c605b32534f0ba7d2a8e6663c1a2604508c596b1255194e2483d21a4526e4789bd7ff7b894bf7139b55ed0a2a9a286c617d471e5d3b34cadd2a8
-
SSDEEP
12288:8b94J9MXXi1em6M71qHfgudE0SXedZ6cocvDImUlONWPX/8HaHja2ADy6:88MHYJzKOuoEMlO8MaHjP6
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-