General
-
Target
0fe2c262a61cec598ae340c594e7eefbef050f36a167c1964d14c7254fe58b1a
-
Size
198KB
-
Sample
221119-3b4jqsfb89
-
MD5
0797ff74e1ca67576f257881a5842e30
-
SHA1
b1ce7bfafd04136e0a7fbedbc0ed7363a5bb5f08
-
SHA256
0fe2c262a61cec598ae340c594e7eefbef050f36a167c1964d14c7254fe58b1a
-
SHA512
7701130a6d1a5d1f2c7f4c2d678dee8f2fc924ec575be08cd862431ed2c02f62f2454582e14669e4ee8ccd7f9339bae9655b1c0a035afb65703f3baf7edbe99f
-
SSDEEP
3072:zr8WDrCkeI4Vo/hc8ZgLv0s1XwG0+OWfNN0Ov8yDYj6W1HYxoX6z6bqm1:PukDhc8GqG0ONN0Ovb82W1HY1z6bqm1
Malware Config
Targets
-
-
Target
0fe2c262a61cec598ae340c594e7eefbef050f36a167c1964d14c7254fe58b1a
-
Size
198KB
-
MD5
0797ff74e1ca67576f257881a5842e30
-
SHA1
b1ce7bfafd04136e0a7fbedbc0ed7363a5bb5f08
-
SHA256
0fe2c262a61cec598ae340c594e7eefbef050f36a167c1964d14c7254fe58b1a
-
SHA512
7701130a6d1a5d1f2c7f4c2d678dee8f2fc924ec575be08cd862431ed2c02f62f2454582e14669e4ee8ccd7f9339bae9655b1c0a035afb65703f3baf7edbe99f
-
SSDEEP
3072:zr8WDrCkeI4Vo/hc8ZgLv0s1XwG0+OWfNN0Ov8yDYj6W1HYxoX6z6bqm1:PukDhc8GqG0ONN0Ovb82W1HY1z6bqm1
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-