General
-
Target
9fd4aeaf98697763e5a41bad321c756008bdd4b792c96fcee50dcdda39c0ce9a
-
Size
291KB
-
Sample
221129-jyghyaah75
-
MD5
18a788bc27b5416488ffdd71f520ae20
-
SHA1
ce0720e1a6419348f0f3abd1270cca4adac565ec
-
SHA256
9fd4aeaf98697763e5a41bad321c756008bdd4b792c96fcee50dcdda39c0ce9a
-
SHA512
493aacc53c63d64670c638ac45579b1f79159816bfd87ab7666a394bd8c54c4364a236a7e87c49766f33d95e511d1dc65e41dff7e5a38110c5e5b0819157fd7d
-
SSDEEP
6144:k96QaI8iHZHZM/Pkb7k638rhO+eMs379:3aX55M/aMrhO+eMs3
Malware Config
Targets
-
-
Target
9fd4aeaf98697763e5a41bad321c756008bdd4b792c96fcee50dcdda39c0ce9a
-
Size
291KB
-
MD5
18a788bc27b5416488ffdd71f520ae20
-
SHA1
ce0720e1a6419348f0f3abd1270cca4adac565ec
-
SHA256
9fd4aeaf98697763e5a41bad321c756008bdd4b792c96fcee50dcdda39c0ce9a
-
SHA512
493aacc53c63d64670c638ac45579b1f79159816bfd87ab7666a394bd8c54c4364a236a7e87c49766f33d95e511d1dc65e41dff7e5a38110c5e5b0819157fd7d
-
SSDEEP
6144:k96QaI8iHZHZM/Pkb7k638rhO+eMs379:3aX55M/aMrhO+eMs3
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-