General
-
Target
5d83f64680c6671b004ef10f7e93b68a5d282a067a10db94617adba811e8e813
-
Size
696KB
-
Sample
221120-n1lynabg86
-
MD5
09adbf0b5c41f32a324991e341acdf01
-
SHA1
d3744a87544c5eb7142dba16050f69f1a35834df
-
SHA256
5d83f64680c6671b004ef10f7e93b68a5d282a067a10db94617adba811e8e813
-
SHA512
7190ba086d96a335348189d7e9dbe56f5128621198042c01876e83b1d40e621acb293265423853c1a8abb27045b7d6c477065c3211f61814e520d12301ca16ad
-
SSDEEP
6144:k9uF1mDdkrsqhD5rrVn/H6UfMV38vfMV38v9N9N9N9N9N9N9N9N9N9N9:FKDdkr/D5rpv6Ussvss
Malware Config
Targets
-
-
Target
5d83f64680c6671b004ef10f7e93b68a5d282a067a10db94617adba811e8e813
-
Size
696KB
-
MD5
09adbf0b5c41f32a324991e341acdf01
-
SHA1
d3744a87544c5eb7142dba16050f69f1a35834df
-
SHA256
5d83f64680c6671b004ef10f7e93b68a5d282a067a10db94617adba811e8e813
-
SHA512
7190ba086d96a335348189d7e9dbe56f5128621198042c01876e83b1d40e621acb293265423853c1a8abb27045b7d6c477065c3211f61814e520d12301ca16ad
-
SSDEEP
6144:k9uF1mDdkrsqhD5rrVn/H6UfMV38vfMV38v9N9N9N9N9N9N9N9N9N9N9:FKDdkr/D5rpv6Ussvss
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-