General
-
Target
8da574a1b81041b9b449d55d53f71d76060072205f6f20bf973130b65d3b24cf
-
Size
297KB
-
Sample
221119-ngpv7sdc2y
-
MD5
5050556aa398fc433dbeed4a4661ce20
-
SHA1
8812e8e067ed98473d65dd38146e3878c57c51c1
-
SHA256
8da574a1b81041b9b449d55d53f71d76060072205f6f20bf973130b65d3b24cf
-
SHA512
c6d24690e139724a88b689aad94620257e0e58d51c508a4ab932adb5b9daaace7981746e2e07b3e1658df975d807b67142398b57b6efebdd1162c0dc0a183aa4
-
SSDEEP
6144:89HWcBWsXo8uX0xzH1M3hG69AUeRUqVtyH7xOc6H5c6HcT66vlmr:BUo8xhMoYe3a
Malware Config
Targets
-
-
Target
8da574a1b81041b9b449d55d53f71d76060072205f6f20bf973130b65d3b24cf
-
Size
297KB
-
MD5
5050556aa398fc433dbeed4a4661ce20
-
SHA1
8812e8e067ed98473d65dd38146e3878c57c51c1
-
SHA256
8da574a1b81041b9b449d55d53f71d76060072205f6f20bf973130b65d3b24cf
-
SHA512
c6d24690e139724a88b689aad94620257e0e58d51c508a4ab932adb5b9daaace7981746e2e07b3e1658df975d807b67142398b57b6efebdd1162c0dc0a183aa4
-
SSDEEP
6144:89HWcBWsXo8uX0xzH1M3hG69AUeRUqVtyH7xOc6H5c6HcT66vlmr:BUo8xhMoYe3a
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-