General
-
Target
c8b810320363ccb3d905e7d42a343cf38958c778d59e675a15e57d3c12a260fa
-
Size
2.3MB
-
Sample
221119-3b848afb93
-
MD5
24cfdb26c8ce3c0c51f5a68f4e3a7dc0
-
SHA1
042b8e9f242a46b8e8b5e2da0139c9e3cdef68a7
-
SHA256
c8b810320363ccb3d905e7d42a343cf38958c778d59e675a15e57d3c12a260fa
-
SHA512
016ad81edd3ca0a87b8f06be2446173fc296785dc49e69df99218152d0ba76b3b6c8a9faa6e86f09651e0b7eba803aaec06e223d596c12823fc953af0dd6ea68
-
SSDEEP
24576:ZzWvPW5ACG9wOkZV4jhwrjwQ39KqHFJXEonqXAvcCaBGP2jMxlq2iLbQdIgDU+Cu:gmkqwQc0XEFCEGP2jYGb+IgDU9I1
Malware Config
Targets
-
-
Target
c8b810320363ccb3d905e7d42a343cf38958c778d59e675a15e57d3c12a260fa
-
Size
2.3MB
-
MD5
24cfdb26c8ce3c0c51f5a68f4e3a7dc0
-
SHA1
042b8e9f242a46b8e8b5e2da0139c9e3cdef68a7
-
SHA256
c8b810320363ccb3d905e7d42a343cf38958c778d59e675a15e57d3c12a260fa
-
SHA512
016ad81edd3ca0a87b8f06be2446173fc296785dc49e69df99218152d0ba76b3b6c8a9faa6e86f09651e0b7eba803aaec06e223d596c12823fc953af0dd6ea68
-
SSDEEP
24576:ZzWvPW5ACG9wOkZV4jhwrjwQ39KqHFJXEonqXAvcCaBGP2jMxlq2iLbQdIgDU+Cu:gmkqwQc0XEFCEGP2jYGb+IgDU9I1
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-