General
-
Target
011d01c520b456b0e4f60103bfd918e86f5bf3e79b9e775a68e9920b722825fd
-
Size
485KB
-
Sample
221118-2dm44aeg9x
-
MD5
44b3b26c1af861f9af43f64d71e11e20
-
SHA1
1089d09e4175d536a7f4ec97dcdb6cfafa1fc042
-
SHA256
011d01c520b456b0e4f60103bfd918e86f5bf3e79b9e775a68e9920b722825fd
-
SHA512
819bc83fe8ad99d31ecdfa2f44b2b2d972ab21383acde6661eda42cef0d727f3a92cc099253a98c61df1bca0b93ad487f5fe752f2dc4616507e2fa73be5636e1
-
SSDEEP
12288:hNMZQA7VbifAgUp3DFHBKw6ZHRKFmY5b6jTM/nnuY5b6jTM/nnc:8b3b3DFgPKcO6muO6mc
Malware Config
Targets
-
-
Target
011d01c520b456b0e4f60103bfd918e86f5bf3e79b9e775a68e9920b722825fd
-
Size
485KB
-
MD5
44b3b26c1af861f9af43f64d71e11e20
-
SHA1
1089d09e4175d536a7f4ec97dcdb6cfafa1fc042
-
SHA256
011d01c520b456b0e4f60103bfd918e86f5bf3e79b9e775a68e9920b722825fd
-
SHA512
819bc83fe8ad99d31ecdfa2f44b2b2d972ab21383acde6661eda42cef0d727f3a92cc099253a98c61df1bca0b93ad487f5fe752f2dc4616507e2fa73be5636e1
-
SSDEEP
12288:hNMZQA7VbifAgUp3DFHBKw6ZHRKFmY5b6jTM/nnuY5b6jTM/nnc:8b3b3DFgPKcO6muO6mc
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-