General
-
Target
c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
-
Size
1.1MB
-
Sample
221127-3xdv7sdd3t
-
MD5
5d37f980c36bf89d9273f61a6b276a13
-
SHA1
37a21c7069e0ae1ff08628a70354fbb6b2efb91e
-
SHA256
458fd55a7bd653c7683553574b1b718046f0d156afaa9d2fb1b8dcbbb5665647
-
SHA512
fe5b5d42525dfbe97c3cd38823704b812374fd36951e1b7b74d1195b06eb862e8d021b69116886fe5dd7f8eec95c48151782cb843c92f3e0f5e3efbef9ca791f
-
SSDEEP
24576:6T5oniNvHZlzbjB+dQz+gIqbm/fgMvHWxp0jBcHGffg9YmWiyJ8D:o5onSlvNeZqbmQIhCifC1yO
Behavioral task
behavioral1
Sample
c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c.exe
Resource
win7-20220901-en
Malware Config
Targets
-
Target
c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
-
Size
1.1MB
-
MD5
8193b862b024fffdfbe2579460171a20
-
SHA1
cac50766e1bc4a5df0858110d2fcecff18ace335
-
SHA256
c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
-
SHA512
d510d9d665dff5020e6ff28fd91ccf9e6e8ba1041f27c93641ae58f8941e602125004697ff050f74b8418a65916f21ce91d85913beb22565bac20be3815ef9a4
-
SSDEEP
24576:lRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:fJzdnm4lT8Q1r0pieR7H
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL