General
-
Target
ab9c86d1733a63f8298254a98d2bb9bb39956ec8e62d6b73b92676d2f055eb8c
-
Size
196KB
-
Sample
221202-r2a5bsga39
-
MD5
71b316816719c19b07b422413dace868
-
SHA1
d0e0a1518d4e5da923c6b3ae31d6998a410f91f6
-
SHA256
ab9c86d1733a63f8298254a98d2bb9bb39956ec8e62d6b73b92676d2f055eb8c
-
SHA512
5b738764bab82e9a4118c144660216651b007ae10bc328862ee92092675aa9b5ac60767f7e75f1147ba274e7108f6ee0f002a2c56f061c154d28643d445e0ec6
-
SSDEEP
3072:sr85C7pR6O5+Du1Cp0zdkAxRv9IMGxanVI/XycWT0uzv+Dit4QlBaKblmE:k9NIO5Eu120ZfqMNCxWTXzvR4QlBaKbr
Malware Config
Targets
-
-
Target
ab9c86d1733a63f8298254a98d2bb9bb39956ec8e62d6b73b92676d2f055eb8c
-
Size
196KB
-
MD5
71b316816719c19b07b422413dace868
-
SHA1
d0e0a1518d4e5da923c6b3ae31d6998a410f91f6
-
SHA256
ab9c86d1733a63f8298254a98d2bb9bb39956ec8e62d6b73b92676d2f055eb8c
-
SHA512
5b738764bab82e9a4118c144660216651b007ae10bc328862ee92092675aa9b5ac60767f7e75f1147ba274e7108f6ee0f002a2c56f061c154d28643d445e0ec6
-
SSDEEP
3072:sr85C7pR6O5+Du1Cp0zdkAxRv9IMGxanVI/XycWT0uzv+Dit4QlBaKblmE:k9NIO5Eu120ZfqMNCxWTXzvR4QlBaKbr
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-