General
-
Target
64a2f51c7b24a5c6d0525d426e5b57b5d3d1f8127163d106c829b371a64f735e
-
Size
656KB
-
Sample
221119-ngs8madc21
-
MD5
519614598f0faba5ea1ddfc8b2c9dbc0
-
SHA1
83d1ca9ba7540efc5f44adbdfcc13ea0f652024c
-
SHA256
64a2f51c7b24a5c6d0525d426e5b57b5d3d1f8127163d106c829b371a64f735e
-
SHA512
235fd1c301b4e6115583bcbb4d7f6eb29daa6f0b26fe49d30b4369bd4c059d0395ba5f7e321b92192e1cfa442724f32e61ee2d5929ff52430ee24ebf051a6a56
-
SSDEEP
12288:g3BBb77zE1EE6JnkpO1y+sb9SKBD7PISmIsRJQFS9YoSQ+kz:gD2xG4+sYKN7PISmIYQFS9h+kz
Malware Config
Targets
-
-
Target
64a2f51c7b24a5c6d0525d426e5b57b5d3d1f8127163d106c829b371a64f735e
-
Size
656KB
-
MD5
519614598f0faba5ea1ddfc8b2c9dbc0
-
SHA1
83d1ca9ba7540efc5f44adbdfcc13ea0f652024c
-
SHA256
64a2f51c7b24a5c6d0525d426e5b57b5d3d1f8127163d106c829b371a64f735e
-
SHA512
235fd1c301b4e6115583bcbb4d7f6eb29daa6f0b26fe49d30b4369bd4c059d0395ba5f7e321b92192e1cfa442724f32e61ee2d5929ff52430ee24ebf051a6a56
-
SSDEEP
12288:g3BBb77zE1EE6JnkpO1y+sb9SKBD7PISmIsRJQFS9YoSQ+kz:gD2xG4+sYKN7PISmIYQFS9h+kz
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-