General
-
Target
97061cacf0435d36f508e17731f5833e83a435a4c8c44c38f79808fb1cae9c54
-
Size
1.3MB
-
Sample
221202-r2gxwabf5x
-
MD5
5f2259f6df58b04f9e6a2c744873a94c
-
SHA1
16468bb0a1d8da519924ca2c167c8df30c0c027b
-
SHA256
97061cacf0435d36f508e17731f5833e83a435a4c8c44c38f79808fb1cae9c54
-
SHA512
c596bf817ca6e67bf45c96b5b28ee2e7afb623f84f9227215aca811932dd1229f531a8d273cb5e37f619de7a0658bc69ac17125464c95b021369efeffea1cfc9
-
SSDEEP
24576:ubwyQf5Gr6yGeWqdWStfOVT+XHZAtDZShTDewWbf2haNr3nHu:ubwbgbOVTMALETDewWbJNrXO
Malware Config
Targets
-
-
Target
97061cacf0435d36f508e17731f5833e83a435a4c8c44c38f79808fb1cae9c54
-
Size
1.3MB
-
MD5
5f2259f6df58b04f9e6a2c744873a94c
-
SHA1
16468bb0a1d8da519924ca2c167c8df30c0c027b
-
SHA256
97061cacf0435d36f508e17731f5833e83a435a4c8c44c38f79808fb1cae9c54
-
SHA512
c596bf817ca6e67bf45c96b5b28ee2e7afb623f84f9227215aca811932dd1229f531a8d273cb5e37f619de7a0658bc69ac17125464c95b021369efeffea1cfc9
-
SSDEEP
24576:ubwyQf5Gr6yGeWqdWStfOVT+XHZAtDZShTDewWbf2haNr3nHu:ubwbgbOVTMALETDewWbJNrXO
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-