General
-
Target
d51e3ecdeed5a6b5688a79e9d4d09a49554c4a3685d584da8fc38024bc7eaf0c
-
Size
184KB
-
Sample
221130-at49rsfe7z
-
MD5
9170c60406d357f58a4472f21dd6e4c3
-
SHA1
31c6e422c8e8b1a605bbaefb732aa89aae003c08
-
SHA256
d51e3ecdeed5a6b5688a79e9d4d09a49554c4a3685d584da8fc38024bc7eaf0c
-
SHA512
0aa7227c737740f76de207e01dac8aff5c46462a502e81dcf7f92027c35988945ff4990089e1d5fdecd778c079f0803cf07a7b5d92482a812c09a1ba760dc22f
-
SSDEEP
3072:sr85C/A6ba2esDetNxVgbTGV9X4qsD2ADkpFGkTXlDf:k9Xa2en/V6Mp/plzpTVDf
Malware Config
Targets
-
-
Target
d51e3ecdeed5a6b5688a79e9d4d09a49554c4a3685d584da8fc38024bc7eaf0c
-
Size
184KB
-
MD5
9170c60406d357f58a4472f21dd6e4c3
-
SHA1
31c6e422c8e8b1a605bbaefb732aa89aae003c08
-
SHA256
d51e3ecdeed5a6b5688a79e9d4d09a49554c4a3685d584da8fc38024bc7eaf0c
-
SHA512
0aa7227c737740f76de207e01dac8aff5c46462a502e81dcf7f92027c35988945ff4990089e1d5fdecd778c079f0803cf07a7b5d92482a812c09a1ba760dc22f
-
SSDEEP
3072:sr85C/A6ba2esDetNxVgbTGV9X4qsD2ADkpFGkTXlDf:k9Xa2en/V6Mp/plzpTVDf
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-