General
-
Target
6e4d49bd42ff32ec86088e3f6b976d4456438de5f86def6aa45b59ee7c0d4094N
-
Size
1011KB
-
Sample
241010-vgjshs1grr
-
MD5
887de8413148d4ad6356e5282db14150
-
SHA1
495b29b679f87bb4d79cb9ce9bd2893248666c97
-
SHA256
6e4d49bd42ff32ec86088e3f6b976d4456438de5f86def6aa45b59ee7c0d4094
-
SHA512
0bb98e510f5dfd38b790a03b73d16573e36a67308dbd5f4e2feab9ff6b77ee2882239602f7022673c310fdf62c990c58693eaa60b07b5b002ba5c04bc9aed07b
-
SSDEEP
6144:k9tdOT97dOMNbGPR7rq6coqYfbddOWZqIGRPgtlzGdOAS3KN/dbGPR7qvKwGjY/3:fuDprq/YfO5I+P8LbJpqL5wWWZi
Behavioral task
behavioral1
Sample
6e4d49bd42ff32ec86088e3f6b976d4456438de5f86def6aa45b59ee7c0d4094N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6e4d49bd42ff32ec86088e3f6b976d4456438de5f86def6aa45b59ee7c0d4094N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
6e4d49bd42ff32ec86088e3f6b976d4456438de5f86def6aa45b59ee7c0d4094N
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-