General
-
Target
2898adfbbf0c5a958af4b4ab03152020N.exe
-
Size
7.9MB
-
Sample
240819-a1aczaxemm
-
MD5
2898adfbbf0c5a958af4b4ab03152020
-
SHA1
6a8d0a28ab33ca98e3eda55f094195b8bbfab87a
-
SHA256
206d26e2650f2a23da6e488cb8dea41995763416e906debeea1d3f59dc91f615
-
SHA512
b4cdf5f8e527133dfeff8c1d0fad4533c37e61aa1b130475f1d495983aab4eda02cc58c3a142da9bfef1505eff9d07d09cb97bf9eca41019a25a1cd96ab3129f
-
SSDEEP
196608:TOV63os/6G9yv/+2PPPPPPPPPaPPPPPPPPPcxX1PPPPPPPPPF6b:qI3oseBPPPPPPPPPaPPPPPPPPPcvPPPQ
Malware Config
Targets
-
-
Target
2898adfbbf0c5a958af4b4ab03152020N.exe
-
Size
7.9MB
-
MD5
2898adfbbf0c5a958af4b4ab03152020
-
SHA1
6a8d0a28ab33ca98e3eda55f094195b8bbfab87a
-
SHA256
206d26e2650f2a23da6e488cb8dea41995763416e906debeea1d3f59dc91f615
-
SHA512
b4cdf5f8e527133dfeff8c1d0fad4533c37e61aa1b130475f1d495983aab4eda02cc58c3a142da9bfef1505eff9d07d09cb97bf9eca41019a25a1cd96ab3129f
-
SSDEEP
196608:TOV63os/6G9yv/+2PPPPPPPPPaPPPPPPPPPcxX1PPPPPPPPPF6b:qI3oseBPPPPPPPPPaPPPPPPPPPcvPPPQ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-