General
-
Target
9141fe333c3fb624683c2ca9a8f4dd47cba67cca267ba9e2204ab2b0c70d1b99
-
Size
2.2MB
-
Sample
221125-n8f3daad9s
-
MD5
e512ecf36e30c2644f16af8166ec1651
-
SHA1
f0e83f3ac6379ca1ae828e22dd22d2d81c85b1e0
-
SHA256
9141fe333c3fb624683c2ca9a8f4dd47cba67cca267ba9e2204ab2b0c70d1b99
-
SHA512
f53d95758b70ee69c0bd01a5e6e23eb59416e90756f5da182bd6c0cb67faa442b89b1123246e3ba4d47854566b0df4f9ac6c96dc85f15d732f58757d7406c499
-
SSDEEP
24576:+mywyAuDtHI/RkrcioRnIL1VK0kqlmT8mEkkCIIj6nVG6r21kvEoUCEHByENlbuF:0WR2ITRT1Ekk9e6Q64cEOwByS9XNti
Malware Config
Targets
-
-
Target
9141fe333c3fb624683c2ca9a8f4dd47cba67cca267ba9e2204ab2b0c70d1b99
-
Size
2.2MB
-
MD5
e512ecf36e30c2644f16af8166ec1651
-
SHA1
f0e83f3ac6379ca1ae828e22dd22d2d81c85b1e0
-
SHA256
9141fe333c3fb624683c2ca9a8f4dd47cba67cca267ba9e2204ab2b0c70d1b99
-
SHA512
f53d95758b70ee69c0bd01a5e6e23eb59416e90756f5da182bd6c0cb67faa442b89b1123246e3ba4d47854566b0df4f9ac6c96dc85f15d732f58757d7406c499
-
SSDEEP
24576:+mywyAuDtHI/RkrcioRnIL1VK0kqlmT8mEkkCIIj6nVG6r21kvEoUCEHByENlbuF:0WR2ITRT1Ekk9e6Q64cEOwByS9XNti
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-