General
-
Target
eca75c6b06644464b0d337f88e3cdc59fe01ac59105a450c971082b0904aa7fa
-
Size
290KB
-
Sample
221120-n1frmsfc5y
-
MD5
4000039f72ffe954a3273c130c136456
-
SHA1
35a2d82353abc5b1873b4773997889562754a588
-
SHA256
eca75c6b06644464b0d337f88e3cdc59fe01ac59105a450c971082b0904aa7fa
-
SHA512
baa612691e9fcca434401c8f1c72cc198183108bb359e0d021548df837ba6c7f22c14e02397e2a6c2594a22f048dc0143cda0419b63e49c0a77e6ddfc387dd5e
-
SSDEEP
3072:sr85CPCrvhbRcaC1U5Nf3wRqQxVNf3wRqQxVNf3wRqQxVNf3wRqQxVNf3wRqQxa:k9aTsT6PehPehPehPehPe4
Malware Config
Targets
-
-
Target
eca75c6b06644464b0d337f88e3cdc59fe01ac59105a450c971082b0904aa7fa
-
Size
290KB
-
MD5
4000039f72ffe954a3273c130c136456
-
SHA1
35a2d82353abc5b1873b4773997889562754a588
-
SHA256
eca75c6b06644464b0d337f88e3cdc59fe01ac59105a450c971082b0904aa7fa
-
SHA512
baa612691e9fcca434401c8f1c72cc198183108bb359e0d021548df837ba6c7f22c14e02397e2a6c2594a22f048dc0143cda0419b63e49c0a77e6ddfc387dd5e
-
SSDEEP
3072:sr85CPCrvhbRcaC1U5Nf3wRqQxVNf3wRqQxVNf3wRqQxVNf3wRqQxVNf3wRqQxa:k9aTsT6PehPehPehPehPe4
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-