General
Target: f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
Size: 1.1MB
Sample: 221128-arhmzsfa4s
MD5: 642a582ab78b623833ffe4da252b48ac
SHA1: 71f12f6b5dab53c1bebfef9b3c4ee056f75051cf
SHA256: 0d4d6fbf0a370229a9ccdbe7b2df08349bbd9026d320eaf8b576c80f4a18548e
SHA512: 5f3852062cca82aa908e6184c0f35895f500239703a7e69a429989065c6c9484b621b6576eb991561a468abf1baf3a9604feb65e0f98d45311487fcccc35fa9b
SSDEEP: 24576:AI+xqQ8rSbTbUP4uz4Ck1ZqyC2D/UeFALIJHo5f/eZE4:An8rSnbUPhz9k1ZrjF/tMeZE4
Behavioral task: behavioral1
Sample: f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
Size: 1.1MB
MD5: c4135cc7c22639aa8993c76eb612ba00
SHA1: 3396b72d6914b4143b899ac746dd709ee9738644
SHA256: f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
SHA512: 421f3498426b9fa7c3329fecc1fe8e23408ebfaaf92c2b220e642a5b0237067079520d3d1b7268bd9a21920c1184aae1430f6970f22f66f2833c70a25571506a
SSDEEP: 24576:KRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:8Jzdnm4lT8Q1r0pieR7H
Modifies system executable filetype association
Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
XMRig Miner payload
Executes dropped EXE
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL