General
-
Target
383a473a44c5b8009f91f15340634fe3786dd2e57cdd677f45505aa622d03c8f
-
Size
733KB
-
Sample
221127-c5ffwsgg9t
-
MD5
18e67930a20cde9e27ac3169615b8abc
-
SHA1
8c36f92233be12440c62aa71b47b8f92fe4eec7e
-
SHA256
383a473a44c5b8009f91f15340634fe3786dd2e57cdd677f45505aa622d03c8f
-
SHA512
431339f98539e75e97745a1efbdc194156f331821ba62f95961b4ea8b1906f31459b4fe96cdca249115a51a0003bd8d22db51ded29775f4a3894b05f88c1f031
-
SSDEEP
12288:qhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4aTA25b8jyrSG:qRmJkcoQricOIQxiZY1iaTA2pJB
Static task
static1
Behavioral task
behavioral1
Sample
383a473a44c5b8009f91f15340634fe3786dd2e57cdd677f45505aa622d03c8f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
383a473a44c5b8009f91f15340634fe3786dd2e57cdd677f45505aa622d03c8f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-