General
-
Target
2710e044821d3f5da8fa6f4e91cff21fce5c89dc90c58ee520d5469f88602434
-
Size
777KB
-
Sample
221118-2dc9wsba62
-
MD5
41484bdb720758fcf61b09b2018937f0
-
SHA1
6ab7b66a56537696ac11821d783d145420702513
-
SHA256
2710e044821d3f5da8fa6f4e91cff21fce5c89dc90c58ee520d5469f88602434
-
SHA512
8f3986bb854dd1dd933af95b8e04fda846cc540f0c5a9efd8e4596fcd94e6a5ced39925a0a029018cc042c9c36e184217e2f09ac6ee8b6dc72d16e819ef483da
-
SSDEEP
6144:k9gfNtsGGGGGGGGGGGGoGKEGDmetIC9ZxJYrEjiL1++VDMYfNtsGGGGGGGGGGGGx:9fvgEWh+6jfvgEWh+6me
Malware Config
Targets
-
-
Target
2710e044821d3f5da8fa6f4e91cff21fce5c89dc90c58ee520d5469f88602434
-
Size
777KB
-
MD5
41484bdb720758fcf61b09b2018937f0
-
SHA1
6ab7b66a56537696ac11821d783d145420702513
-
SHA256
2710e044821d3f5da8fa6f4e91cff21fce5c89dc90c58ee520d5469f88602434
-
SHA512
8f3986bb854dd1dd933af95b8e04fda846cc540f0c5a9efd8e4596fcd94e6a5ced39925a0a029018cc042c9c36e184217e2f09ac6ee8b6dc72d16e819ef483da
-
SSDEEP
6144:k9gfNtsGGGGGGGGGGGGoGKEGDmetIC9ZxJYrEjiL1++VDMYfNtsGGGGGGGGGGGGx:9fvgEWh+6jfvgEWh+6me
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-