General
-
Target
ad62a32a7d961c8ff2ec371c52acab923d5816736010b161ed68201bcf2572ee
-
Size
1.4MB
-
Sample
221202-r19lhabf4x
-
MD5
7e322e66f5ede8f660d838a10b102969
-
SHA1
f2ee690d4af02a3f7a3a0419417bae439905eeb5
-
SHA256
ad62a32a7d961c8ff2ec371c52acab923d5816736010b161ed68201bcf2572ee
-
SHA512
d67447969ded5918bc20cf3a7ff97a8965408c3f00262b23cad5e09d094d875217ff65968cec4d452aab6aea9da9d7608c07f5e75ba31fcb619e45d5edf71850
-
SSDEEP
24576:GIG3nvPkK0PB3CM+5M05GKvvoiRrfVdLbMUkB8AL1Lcv63mjSvQp0KxYgpN0SZ/u:4nHkXvHAGWrIIvUs7TR1OhLrd
Malware Config
Targets
-
-
Target
ad62a32a7d961c8ff2ec371c52acab923d5816736010b161ed68201bcf2572ee
-
Size
1.4MB
-
MD5
7e322e66f5ede8f660d838a10b102969
-
SHA1
f2ee690d4af02a3f7a3a0419417bae439905eeb5
-
SHA256
ad62a32a7d961c8ff2ec371c52acab923d5816736010b161ed68201bcf2572ee
-
SHA512
d67447969ded5918bc20cf3a7ff97a8965408c3f00262b23cad5e09d094d875217ff65968cec4d452aab6aea9da9d7608c07f5e75ba31fcb619e45d5edf71850
-
SSDEEP
24576:GIG3nvPkK0PB3CM+5M05GKvvoiRrfVdLbMUkB8AL1Lcv63mjSvQp0KxYgpN0SZ/u:4nHkXvHAGWrIIvUs7TR1OhLrd
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-