General
-
Target
b1e63568286311e1cab88de8e7936d6c94a7acf457b269467edcc1587a60d8d3
-
Size
57KB
-
Sample
221128-reav2shd83
-
MD5
fc6e3be550fc0716afd4403e5b8e0e96
-
SHA1
df61091d22b3f95a1e3bb17deadd9b94f3bbf51b
-
SHA256
b1e63568286311e1cab88de8e7936d6c94a7acf457b269467edcc1587a60d8d3
-
SHA512
549e53fc2192a9a6f368321f862fd475bb359f7dcfce1a8565213adc4090d25803042e3f2d56b3135146d9601c9a0ebee0cb6e7173a79e6fcffdeb305db9cee9
-
SSDEEP
768:myxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJVrdh/44DMVLwpXtdtLy:RxqjQ+P04wsmJC0dRMJUXtdt+
Malware Config
Targets
-
-
Target
b1e63568286311e1cab88de8e7936d6c94a7acf457b269467edcc1587a60d8d3
-
Size
57KB
-
MD5
fc6e3be550fc0716afd4403e5b8e0e96
-
SHA1
df61091d22b3f95a1e3bb17deadd9b94f3bbf51b
-
SHA256
b1e63568286311e1cab88de8e7936d6c94a7acf457b269467edcc1587a60d8d3
-
SHA512
549e53fc2192a9a6f368321f862fd475bb359f7dcfce1a8565213adc4090d25803042e3f2d56b3135146d9601c9a0ebee0cb6e7173a79e6fcffdeb305db9cee9
-
SSDEEP
768:myxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJVrdh/44DMVLwpXtdtLy:RxqjQ+P04wsmJC0dRMJUXtdt+
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-