General
Target: c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
Size: 1.1MB
Sample: 221127-yna1qsaa4y
MD5: b3443f19b343e1aad101fa04e698fc0e
SHA1: edce1d3be30f7d305f32cfcfb5d0a4f995d057be
SHA256: c126c7e2058a8725a2af9eed1628f66b0931a437beef3be04a44cc84b02cef00
SHA512: f6b0e316892a31b51ed4bd0858fffbf95f8a6e2715fcd81ce01aeb0c435fa2355f05bcea4157ef42bfcba51d1173c86f4db822836992e8ebd23e0289d165a774
SSDEEP: 24576:iT5oniNvHZlzbjB+dQz+gIqbm/fgMvHWxp0jBcHGffg9YmWiyJ8/:g5onSlvNeZqbmQIhCifC1yq
Behavioral task: behavioral1
Sample: c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
Size: 1.1MB
MD5: 8193b862b024fffdfbe2579460171a20
SHA1: cac50766e1bc4a5df0858110d2fcecff18ace335
SHA256: c36797298d13bfbf484d5881baed5f6fe8a36cfe3201b9dafc414c1ef958a66c
SHA512: d510d9d665dff5020e6ff28fd91ccf9e6e8ba1041f27c93641ae58f8941e602125004697ff050f74b8418a65916f21ce91d85913beb22565bac20be3815ef9a4
SSDEEP: 24576:lRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:fJzdnm4lT8Q1r0pieR7H
Modifies system executable filetype association
Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
XMRig Miner payload
Executes dropped EXE
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL