General
-
Target
d08e310d6308ee311f146bc4679b5518604947ce0aff9fd16fdb7ffd8322150a
-
Size
159KB
-
Sample
221126-de9sgsga34
-
MD5
5e1327f7036a7a432da69e47e61fc7b0
-
SHA1
a886f14639dc174864330e5a4344b56f9d43b467
-
SHA256
d08e310d6308ee311f146bc4679b5518604947ce0aff9fd16fdb7ffd8322150a
-
SHA512
cd14759c2f012357ed70112e8947edac6ec6f80e546ad5dd5d1eebfb01b85f9775ea24f6e5bf6a0e61fd0ead1e118cf5f9f23e1f3c89d941519ffa907b0fa116
-
SSDEEP
3072:sr85CZxwGdGq0ElNTO+HmVfchlsugJDoPysVinrRqBYMmJohcX8J:k9TwGd1DN/H8f9oPysViSDXhcX8J
Behavioral task
behavioral1
Sample
d08e310d6308ee311f146bc4679b5518604947ce0aff9fd16fdb7ffd8322150a.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d08e310d6308ee311f146bc4679b5518604947ce0aff9fd16fdb7ffd8322150a.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score 10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-