General
Target: 455db4304326ea43a67d58bf094cbf9cdf2eedd262d0f760dbc744cb2198ab28
Size: 1.5MB
Sample: 240921-a9cvfsxdkf
MD5: 7cc6dd82f69e8e33aab3e1beef98300b
SHA1: c956d26f8b2639a0737cf0184445384704344965
SHA256: 455db4304326ea43a67d58bf094cbf9cdf2eedd262d0f760dbc744cb2198ab28
SHA512: b155ea0a96eeb43c2d377442e2f10d8db69c148f0ba0c2d3b28a47f389e44dbc62a71092151ddd3aadfd2437ea3d496a51d2056a4c0b93d49be60606c2bd4077
SSDEEP: 24576:t/UbxuNwMO2bdbXlgmYBdDiNFo/2UCTFM8hpSxOxhUYkC:1sxmOQbXlgjdmNFo/2PTjhp88DkC
Behavioral task: behavioral1
Sample: 455db4304326ea43a67d58bf094cbf9cdf2eedd262d0f760dbc744cb2198ab28.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 455db4304326ea43a67d58bf094cbf9cdf2eedd262d0f760dbc744cb2198ab28.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association