General
-
Target
c502ad2ed2120038988bfda2ef8cd6c1ed001008d9a9e0530b8da68113ea3444
-
Size
616KB
-
Sample
221119-3bv8csae2s
-
MD5
259919192053e727aa6cab9961eb6d10
-
SHA1
bcd189dfdefe3738a7358d57ad4f934ee3ea39dd
-
SHA256
c502ad2ed2120038988bfda2ef8cd6c1ed001008d9a9e0530b8da68113ea3444
-
SHA512
4ed825255221d79c491ffa4d0e659709faa37da711555bdd2747b3ad0473e4c567f9871b688b1b635571b92da6696a180a4ba36d164a35195918a77b140c6a44
-
SSDEEP
12288:2Ob9GKmLkkZ93UWkBfJS59pqyTh+SW5hSkTOLCtrsXC3r:2Ob0vLkI3UfM9wyTh+9jbTOKrskr
Malware Config
Targets
-
-
Target
c502ad2ed2120038988bfda2ef8cd6c1ed001008d9a9e0530b8da68113ea3444
-
Size
616KB
-
MD5
259919192053e727aa6cab9961eb6d10
-
SHA1
bcd189dfdefe3738a7358d57ad4f934ee3ea39dd
-
SHA256
c502ad2ed2120038988bfda2ef8cd6c1ed001008d9a9e0530b8da68113ea3444
-
SHA512
4ed825255221d79c491ffa4d0e659709faa37da711555bdd2747b3ad0473e4c567f9871b688b1b635571b92da6696a180a4ba36d164a35195918a77b140c6a44
-
SSDEEP
12288:2Ob9GKmLkkZ93UWkBfJS59pqyTh+SW5hSkTOLCtrsXC3r:2Ob0vLkI3UfM9wyTh+9jbTOKrskr
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-