General
-
Target
5640fba7388f03396d21e2deca4e0434bb130d4a336017ea2a1b4c0d22f05c98
-
Size
266KB
-
Sample
221128-q9hnpsda8v
-
MD5
1a079d74c5fef0f6d1e7a782219cf00e
-
SHA1
9bb07f704e94a32681c4003fe30680ee139abf7f
-
SHA256
5640fba7388f03396d21e2deca4e0434bb130d4a336017ea2a1b4c0d22f05c98
-
SHA512
27685ed8ffb6d66db82d94857a6b418c786a1b65ac698904d2a9216ac0a5c545912e37324923658f1fee39f55505b950cdd1c57ba609632e6a083751930e53c3
-
SSDEEP
3072:+r8cC/tmufS8F5H+hfa9O87kF+FJMymj57RvlFHPoP0jm9PZDn7KwAZMj3:+0/4ijB+WO87kFckjDPjGAO3
Malware Config
Targets
-
-
Target
5640fba7388f03396d21e2deca4e0434bb130d4a336017ea2a1b4c0d22f05c98
-
Size
266KB
-
MD5
1a079d74c5fef0f6d1e7a782219cf00e
-
SHA1
9bb07f704e94a32681c4003fe30680ee139abf7f
-
SHA256
5640fba7388f03396d21e2deca4e0434bb130d4a336017ea2a1b4c0d22f05c98
-
SHA512
27685ed8ffb6d66db82d94857a6b418c786a1b65ac698904d2a9216ac0a5c545912e37324923658f1fee39f55505b950cdd1c57ba609632e6a083751930e53c3
-
SSDEEP
3072:+r8cC/tmufS8F5H+hfa9O87kF+FJMymj57RvlFHPoP0jm9PZDn7KwAZMj3:+0/4ijB+WO87kFckjDPjGAO3
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-