General
-
Target
8089e0301f103563012f4569861e1d61ddd35890cdfd6bbe62dc0c09f6b4e5a8
-
Size
3.5MB
-
Sample
221127-yeemkadd58
-
MD5
a3669e2690cfa09bf706053c4231fb06
-
SHA1
7ab92667ee11edba4be2aba09c92e7b0e757d867
-
SHA256
8089e0301f103563012f4569861e1d61ddd35890cdfd6bbe62dc0c09f6b4e5a8
-
SHA512
ae7cd4fac2ec7cf94a9fec7af8beda003515c2d6335f89a783598e6bc6461e989caeb41f32b9e3a3117cbf85b4a61610099ef8ac81166bdcdfed10055a4ef7cf
-
SSDEEP
98304:PqOtDhM4bp4Gx+Nj98JzquI0ce266Wv6j1oLRW:iuDhn9wTqWutImLRW
Behavioral task
behavioral1
Sample
8089e0301f103563012f4569861e1d61ddd35890cdfd6bbe62dc0c09f6b4e5a8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8089e0301f103563012f4569861e1d61ddd35890cdfd6bbe62dc0c09f6b4e5a8.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
8089e0301f103563012f4569861e1d61ddd35890cdfd6bbe62dc0c09f6b4e5a8
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family infects other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-