General
-
Target
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
Size
1.1MB
-
Sample
221127-zle3cace4s
-
MD5
67baaade3a571191448f059a91b6a95e
-
SHA1
cd52beae141ac2ea8dd274f1a9ddc08a3ab2b7b2
-
SHA256
a33f9b86d5ade7ccbe8e055730e211906ed78398ee1329ac83b7bbea4e5f5758
-
SHA512
ba2b835a7d5280b2cb196d9736b77dea0c3a1fddb3d403e17e44436c404620ca6994f55e92df444c310cd997b0108891a07c32d68fe06eb96e0c334b5a4d1db4
-
SSDEEP
24576:XI+xqQ8rSbTbUP4uz4Ck1ZqyC2D/UeFALIJHo5f/eZER:Xn8rSnbUPhz9k1ZrjF/tMeZER
Behavioral task
behavioral1
Sample
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
Size
1.1MB
-
MD5
c4135cc7c22639aa8993c76eb612ba00
-
SHA1
3396b72d6914b4143b899ac746dd709ee9738644
-
SHA256
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
SHA512
421f3498426b9fa7c3329fecc1fe8e23408ebfaaf92c2b220e642a5b0237067079520d3d1b7268bd9a21920c1184aae1430f6970f22f66f2833c70a25571506a
-
SSDEEP
24576:KRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:8Jzdnm4lT8Q1r0pieR7H
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-