General
-
Target
f12adc8da042e58dc97e390a044284a266adad7949a177238b1d7e72e6bc4674
-
Size
314KB
-
Sample
241010-xs8bcsxbkn
-
MD5
d0102ba2c59700add4cdcdbed01e165b
-
SHA1
fb3a0505fcd26190c782a048ef665196a1e33084
-
SHA256
f12adc8da042e58dc97e390a044284a266adad7949a177238b1d7e72e6bc4674
-
SHA512
e2603298bba575c79f21a5f50dd029ad99c0aa6fb772af5facc374719b042cd23552fa0aa01de4111c22d086920f3375c8478e901d65047b5e9f222bed3218c0
-
SSDEEP
6144:k9OeySe8AIqpoHbnDns1ND97deKzC/IUeRUqGntyH7xOc6H5c6HcT66vlmrq:QyV8hEoHbI3x/+eSaH
Behavioral task
behavioral1
Sample
f12adc8da042e58dc97e390a044284a266adad7949a177238b1d7e72e6bc4674.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f12adc8da042e58dc97e390a044284a266adad7949a177238b1d7e72e6bc4674.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
f12adc8da042e58dc97e390a044284a266adad7949a177238b1d7e72e6bc4674
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-