General
-
Target
95d8ec183c019823d13ea57e18c1dc9bd3f08faeae25c0f43c3e763daba6af1d
-
Size
229KB
-
Sample
221125-wsz5badh75
-
MD5
cd9fcba13ff275e595128ac7d01dd3c2
-
SHA1
f841a0b9f8578e9d901555de9049b1609a307e4f
-
SHA256
95d8ec183c019823d13ea57e18c1dc9bd3f08faeae25c0f43c3e763daba6af1d
-
SHA512
2aa1ef6d116da763fbc3c148808450f415b1189f005255d7db235c5fae6f4e1c3ad10286fb0a2b4e27955714b8560815a231d5a8ebe9cf1fd798555a88a94f8b
-
SSDEEP
6144:k9TDEgno7nzQr8Etlt4WypQtNq2vdUZ9vExlCNxbiVc7We5OdoIgnJbXeae/W5Bd:KDEgnoh7DOdoImxX7apIMGvb
Malware Config
Targets
-
-
Target
95d8ec183c019823d13ea57e18c1dc9bd3f08faeae25c0f43c3e763daba6af1d
-
Size
229KB
-
MD5
cd9fcba13ff275e595128ac7d01dd3c2
-
SHA1
f841a0b9f8578e9d901555de9049b1609a307e4f
-
SHA256
95d8ec183c019823d13ea57e18c1dc9bd3f08faeae25c0f43c3e763daba6af1d
-
SHA512
2aa1ef6d116da763fbc3c148808450f415b1189f005255d7db235c5fae6f4e1c3ad10286fb0a2b4e27955714b8560815a231d5a8ebe9cf1fd798555a88a94f8b
-
SSDEEP
6144:k9TDEgno7nzQr8Etlt4WypQtNq2vdUZ9vExlCNxbiVc7We5OdoIgnJbXeae/W5Bd:KDEgnoh7DOdoImxX7apIMGvb
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-