General
-
Target
d7405e641c9d35c52d4cab04df0b2c80N.exe
-
Size
1.2MB
-
Sample
240715-peywrszbjn
-
MD5
d7405e641c9d35c52d4cab04df0b2c80
-
SHA1
a136aaa386ed16a7a1183681d7f4cbbddded2d82
-
SHA256
07aae1e5fa974a7159bce110d4289e74f35f5d3bd0e43bcb565d64dee8c27ff4
-
SHA512
ea6855ca706076caa1b8ab51d0b49b87a9f506f6bbf77e8d4ae152cbb8f86a81dbd6402afd56a37eacd7902105a1795cae3bd2c4190500a939b7343645cff378
-
SSDEEP
12288:72Mc6EnudIPceS6pxwPM0jk9xOZTmjvB+R98K0rduz+hM2gWAJw3cF8o26M4/+nL:buw6p+CjvE98Huz+h50wO83OU59LH
Malware Config
Targets
-
-
Target
d7405e641c9d35c52d4cab04df0b2c80N.exe
-
Size
1.2MB
-
MD5
d7405e641c9d35c52d4cab04df0b2c80
-
SHA1
a136aaa386ed16a7a1183681d7f4cbbddded2d82
-
SHA256
07aae1e5fa974a7159bce110d4289e74f35f5d3bd0e43bcb565d64dee8c27ff4
-
SHA512
ea6855ca706076caa1b8ab51d0b49b87a9f506f6bbf77e8d4ae152cbb8f86a81dbd6402afd56a37eacd7902105a1795cae3bd2c4190500a939b7343645cff378
-
SSDEEP
12288:72Mc6EnudIPceS6pxwPM0jk9xOZTmjvB+R98K0rduz+hM2gWAJw3cF8o26M4/+nL:buw6p+CjvE98Huz+h50wO83OU59LH
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-