General
-
Target
35f6969f46bdfad60514dbd8e64368e3b6d13e0ff92f21f649fab69a80fcd7b0
-
Size
430KB
-
Sample
221125-qa3jtsdc2y
-
MD5
f2fa726aa15a0bedc7de81cab3c2a5db
-
SHA1
a45ffdd8a301976719abe2f7400c0185b6662432
-
SHA256
35f6969f46bdfad60514dbd8e64368e3b6d13e0ff92f21f649fab69a80fcd7b0
-
SHA512
9413137d3eeb19a84b02ed8249074e1f1e6d2ff791786f682bd28ca32b3323c2980292b828023e9d01f82237fb2132f2632344cb625c631230f2c98b1f1c5b9b
-
SSDEEP
6144:k9+feVjBpeExgVTFSXFoMc5RhCaL37mwww0JwwmSnvYqm9nxLW0Bs/kSTiOWGr9U:RZlPzCy37h8cW7Kcc
Malware Config
Targets
-
-
Target
35f6969f46bdfad60514dbd8e64368e3b6d13e0ff92f21f649fab69a80fcd7b0
-
Size
430KB
-
MD5
f2fa726aa15a0bedc7de81cab3c2a5db
-
SHA1
a45ffdd8a301976719abe2f7400c0185b6662432
-
SHA256
35f6969f46bdfad60514dbd8e64368e3b6d13e0ff92f21f649fab69a80fcd7b0
-
SHA512
9413137d3eeb19a84b02ed8249074e1f1e6d2ff791786f682bd28ca32b3323c2980292b828023e9d01f82237fb2132f2632344cb625c631230f2c98b1f1c5b9b
-
SSDEEP
6144:k9+feVjBpeExgVTFSXFoMc5RhCaL37mwww0JwwmSnvYqm9nxLW0Bs/kSTiOWGr9U:RZlPzCy37h8cW7Kcc
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-