General
-
Target
52d5c35c4fbf0a7ef4b068865773cc5c0ce86d2f8485c76542b7a498e02c2f89
-
Size
896KB
-
Sample
221118-2c6vtaba56
-
MD5
4c2d61a636fb7726ceb1598b180a51a0
-
SHA1
463acc26ef1cc53b57b9b38e438d30c153af60a1
-
SHA256
52d5c35c4fbf0a7ef4b068865773cc5c0ce86d2f8485c76542b7a498e02c2f89
-
SHA512
ce4e918e46e64e86816dbea480c142e33315ea47ece9a18c4aad5774917d7f60dfe3ac9098e161595f68ba1ce3071fe107c4c03f928590c9351420299565aeec
-
SSDEEP
12288:8Smgt5H4kInv7kvNmvlJMoUEc4w1WilWAgJ:8S3t59YIvNmvlJLtKW4WV
Malware Config
Targets
-
-
Target
52d5c35c4fbf0a7ef4b068865773cc5c0ce86d2f8485c76542b7a498e02c2f89
-
Size
896KB
-
MD5
4c2d61a636fb7726ceb1598b180a51a0
-
SHA1
463acc26ef1cc53b57b9b38e438d30c153af60a1
-
SHA256
52d5c35c4fbf0a7ef4b068865773cc5c0ce86d2f8485c76542b7a498e02c2f89
-
SHA512
ce4e918e46e64e86816dbea480c142e33315ea47ece9a18c4aad5774917d7f60dfe3ac9098e161595f68ba1ce3071fe107c4c03f928590c9351420299565aeec
-
SSDEEP
12288:8Smgt5H4kInv7kvNmvlJMoUEc4w1WilWAgJ:8S3t59YIvNmvlJLtKW4WV
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-