General
-
Target
b6cc05dbc0d50b76320330e273ade52aa089314945ba6c3bafe3cf5b5d06a987
-
Size
597KB
-
Sample
221120-n1hw1abg83
-
MD5
19d4e907e73ecc8c9e564c71c127f3e6
-
SHA1
590ed32308c954044b2d240b1cd004ae4bb97595
-
SHA256
b6cc05dbc0d50b76320330e273ade52aa089314945ba6c3bafe3cf5b5d06a987
-
SHA512
d699982b048f83298c112aa0bd64f0d2047649288b20a0b1ff97807797d7b2127aa53fc62198ceca9bb00e3e52930c1f824e3fe641f00b60a262d7c12826ca09
-
SSDEEP
12288:Wo9v5hk94n24O9pcsBPcFUM88thnJbXoQcH:Wezn24GHtcn8CjLQ
Malware Config
Targets
-
-
Target
b6cc05dbc0d50b76320330e273ade52aa089314945ba6c3bafe3cf5b5d06a987
-
Size
597KB
-
MD5
19d4e907e73ecc8c9e564c71c127f3e6
-
SHA1
590ed32308c954044b2d240b1cd004ae4bb97595
-
SHA256
b6cc05dbc0d50b76320330e273ade52aa089314945ba6c3bafe3cf5b5d06a987
-
SHA512
d699982b048f83298c112aa0bd64f0d2047649288b20a0b1ff97807797d7b2127aa53fc62198ceca9bb00e3e52930c1f824e3fe641f00b60a262d7c12826ca09
-
SSDEEP
12288:Wo9v5hk94n24O9pcsBPcFUM88thnJbXoQcH:Wezn24GHtcn8CjLQ
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-