General
-
Target
e1819902b959cd642c8b24b47483f7fd162df3a166ff0897a7443eda729b2201
-
Size
429KB
-
Sample
221127-c5gzqadc63
-
MD5
1e4bdcdfa722266ac07eecbebc7fbec1
-
SHA1
475973d48045053db78fd72a1491255559f6e810
-
SHA256
e1819902b959cd642c8b24b47483f7fd162df3a166ff0897a7443eda729b2201
-
SHA512
0f31e8b6b96dd49b45832cd90fa61a416bc240ba01b32e22dd2536d6d50dccbb1678164b5a3da9c658e031fb09b0601b2508a0e961fcef64fce301da2308399b
-
SSDEEP
12288:IcLOYLWeCxn5PqVcbHB+TRxTOemZ49ap2hb8rRrSg:IchW75PqezBw7Oemr2B2z
Malware Config
Targets
-
-
Target
DLL Files Fixer_ Activator.exe
-
Size
733KB
-
MD5
18e67930a20cde9e27ac3169615b8abc
-
SHA1
8c36f92233be12440c62aa71b47b8f92fe4eec7e
-
SHA256
383a473a44c5b8009f91f15340634fe3786dd2e57cdd677f45505aa622d03c8f
-
SHA512
431339f98539e75e97745a1efbdc194156f331821ba62f95961b4ea8b1906f31459b4fe96cdca249115a51a0003bd8d22db51ded29775f4a3894b05f88c1f031
-
SSDEEP
12288:qhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4aTA25b8jyrSG:qRmJkcoQricOIQxiZY1iaTA2pJB
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-