General
-
Target
8193a21689dbbaa33b7c2a25405155c1425a6124b73c3f195a394b30518b657a
-
Size
94KB
-
Sample
221202-hlnwtacf78
-
MD5
9f74fff8152e965eac05ae655b0bee76
-
SHA1
e4fbe86257661366929ac11292c2db8accf36d72
-
SHA256
8193a21689dbbaa33b7c2a25405155c1425a6124b73c3f195a394b30518b657a
-
SHA512
6e03830389c922c48bf24d71f6c12bd63e38bd02b5034ff659e6f1a3a83b70bc1e591b90e4ca3de38e5049ddfb7fafe848d54a34b499220505e8d838dfae2eb3
-
SSDEEP
1536:yxqjQ+P04wsZLnDrCtAu5xHRbUi+QLcnt/zMaRo:zr8WDrCtLSntbMaRo
Malware Config
Targets
-
-
Target
8193a21689dbbaa33b7c2a25405155c1425a6124b73c3f195a394b30518b657a
-
Size
94KB
-
MD5
9f74fff8152e965eac05ae655b0bee76
-
SHA1
e4fbe86257661366929ac11292c2db8accf36d72
-
SHA256
8193a21689dbbaa33b7c2a25405155c1425a6124b73c3f195a394b30518b657a
-
SHA512
6e03830389c922c48bf24d71f6c12bd63e38bd02b5034ff659e6f1a3a83b70bc1e591b90e4ca3de38e5049ddfb7fafe848d54a34b499220505e8d838dfae2eb3
-
SSDEEP
1536:yxqjQ+P04wsZLnDrCtAu5xHRbUi+QLcnt/zMaRo:zr8WDrCtLSntbMaRo
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-