General
-
Target
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
Size
1.1MB
-
Sample
221128-dsgzmaba49
-
MD5
e39fd32f69d0fe2c69918bac0dd3ebd3
-
SHA1
6511c69affcda80e9af142b72ec4552199bc4c67
-
SHA256
c45d7e397bac6f57f38f3505c4b951a61e1a77a7b5c77b9e157ad719ece15264
-
SHA512
51a80e9fb37feebd3289f0bfcae79add83b89f619d9312fc9047a4f5c838f9b3119d5dadbb3e639b316149339b8236557225a8d6b0f86dfd16172f3a7d7562b8
-
SSDEEP
24576:ZI+xqQ8rSbTbUP4uz4Ck1ZqyC2D/UeFALIJHo5f/eZE/:Zn8rSnbUPhz9k1ZrjF/tMeZE/
Malware Config
Targets
-
-
Target
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
Size
1.1MB
-
MD5
c4135cc7c22639aa8993c76eb612ba00
-
SHA1
3396b72d6914b4143b899ac746dd709ee9738644
-
SHA256
f307d266bd2537abfe6233b7f2b9ed59c1be2d5594bc4c854d55155a081bb111
-
SHA512
421f3498426b9fa7c3329fecc1fe8e23408ebfaaf92c2b220e642a5b0237067079520d3d1b7268bd9a21920c1184aae1430f6970f22f66f2833c70a25571506a
-
SSDEEP
24576:KRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:8Jzdnm4lT8Q1r0pieR7H
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-