General
-
Target
2bc7fe65ce0cc9cf46dcc6943791b69ede66297ba27a0ed2348893ccf1c3bbf8
-
Size
2.1MB
-
Sample
221125-wtcemshb51
-
MD5
07f77e9a455f05567d6e1960a0c6359c
-
SHA1
7fa36c8c92e2e951a1dfb50b60a3883c15fb1019
-
SHA256
2bc7fe65ce0cc9cf46dcc6943791b69ede66297ba27a0ed2348893ccf1c3bbf8
-
SHA512
eff960e15168520feb2808ade90861f3a26b153305d1b3ee98f5024f213e48c233238a387cb1192b09a8838a3a7ef5e7a1c9aa9f27517e81c1e302f499b5dc91
-
SSDEEP
24576:/QoR805qLnLrjcS0/yLWg4JifNlhWslEWlo0M:/QoR805qLL0/yLWg4JifNlhWslEWrM
Malware Config
Targets
-
-
Target
2bc7fe65ce0cc9cf46dcc6943791b69ede66297ba27a0ed2348893ccf1c3bbf8
-
Size
2.1MB
-
MD5
07f77e9a455f05567d6e1960a0c6359c
-
SHA1
7fa36c8c92e2e951a1dfb50b60a3883c15fb1019
-
SHA256
2bc7fe65ce0cc9cf46dcc6943791b69ede66297ba27a0ed2348893ccf1c3bbf8
-
SHA512
eff960e15168520feb2808ade90861f3a26b153305d1b3ee98f5024f213e48c233238a387cb1192b09a8838a3a7ef5e7a1c9aa9f27517e81c1e302f499b5dc91
-
SSDEEP
24576:/QoR805qLnLrjcS0/yLWg4JifNlhWslEWlo0M:/QoR805qLL0/yLWg4JifNlhWslEWrM
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-