General
-
Target
2a8e8d065364899b9fa19d433fde0585aad4976995d03e1bf116797bf20437f1
-
Size
630KB
-
Sample
221118-2dbq3aeg71
-
MD5
3702b7d85365e613d63fb7b3d9e35020
-
SHA1
f9b247fdbdd0e04420a813ff36b38acfe65657b0
-
SHA256
2a8e8d065364899b9fa19d433fde0585aad4976995d03e1bf116797bf20437f1
-
SHA512
3dbaf48f5b178c9da052ebabb08b2dbff49790e3340c37d8910fa30f58ec4fe19f6f7a0ac96a373e6fb20005f4fd6f0e33674c216472968941fb8ce782e6c80c
-
SSDEEP
6144:k9n/1cibKq3asu+aa3HSZ0GXgU0bV28P7O7JN7ZB1EIH0U+JyDgrlTU2MQRz4L/o:+uq3zNiXSZvTy1nH0U+0gRU2P0LgJbcQ
Malware Config
Targets
-
-
Target
2a8e8d065364899b9fa19d433fde0585aad4976995d03e1bf116797bf20437f1
-
Size
630KB
-
MD5
3702b7d85365e613d63fb7b3d9e35020
-
SHA1
f9b247fdbdd0e04420a813ff36b38acfe65657b0
-
SHA256
2a8e8d065364899b9fa19d433fde0585aad4976995d03e1bf116797bf20437f1
-
SHA512
3dbaf48f5b178c9da052ebabb08b2dbff49790e3340c37d8910fa30f58ec4fe19f6f7a0ac96a373e6fb20005f4fd6f0e33674c216472968941fb8ce782e6c80c
-
SSDEEP
6144:k9n/1cibKq3asu+aa3HSZ0GXgU0bV28P7O7JN7ZB1EIH0U+JyDgrlTU2MQRz4L/o:+uq3zNiXSZvTy1nH0U+0gRU2P0LgJbcQ
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-