General
-
Target
e466f00b02e6f74fd51a4bc753271b72117f564fe4bd69f1d7ff5259d7255ca8
-
Size
291KB
-
Sample
221119-m5rh9scf7t
-
MD5
5d078c6dbb909fb7e169e99f2cb24000
-
SHA1
dfadb6205a63ef85d0ac47580cb675714de4282b
-
SHA256
e466f00b02e6f74fd51a4bc753271b72117f564fe4bd69f1d7ff5259d7255ca8
-
SHA512
ea0adb1781fb51ebb7e5aca856bd8d6e2439d74876f2e19d706fd53e8d3e5adcb8eafb1c412dcddae5afb98c7d8c0381a97a33702a5822a016b6e50b9a617b7d
-
SSDEEP
6144:R8W7ucFvPKHls34QnzKMAO3uyQxLxDJhQ45hk:paHlsogzvAO+yQxLpQS+
Malware Config
Targets
-
-
Target
e466f00b02e6f74fd51a4bc753271b72117f564fe4bd69f1d7ff5259d7255ca8
-
Size
291KB
-
MD5
5d078c6dbb909fb7e169e99f2cb24000
-
SHA1
dfadb6205a63ef85d0ac47580cb675714de4282b
-
SHA256
e466f00b02e6f74fd51a4bc753271b72117f564fe4bd69f1d7ff5259d7255ca8
-
SHA512
ea0adb1781fb51ebb7e5aca856bd8d6e2439d74876f2e19d706fd53e8d3e5adcb8eafb1c412dcddae5afb98c7d8c0381a97a33702a5822a016b6e50b9a617b7d
-
SSDEEP
6144:R8W7ucFvPKHls34QnzKMAO3uyQxLxDJhQ45hk:paHlsogzvAO+yQxLpQS+
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-