General
-
Target
28bd8590e77ef0296d6dfe30d3dea2328ee35ac3d1884a131535641d8b4dc229
-
Size
346KB
-
Sample
241010-ybpncssgpe
-
MD5
b3d1e79c26f4000ec7f3d895f71e5d44
-
SHA1
0a8b2fb7072b9430e014339f64b134cde21bb4c5
-
SHA256
28bd8590e77ef0296d6dfe30d3dea2328ee35ac3d1884a131535641d8b4dc229
-
SHA512
26094f92037216c2f35709e1a0c909df7f9bb489621c2dcca01fd1d473581c60cb74b51d923fff1e058d9df850772e1ff2c66b921b7e5ac6a4fac94020f4574f
-
SSDEEP
3072:sr85CALC17py2cxmH/9tTYpfQHEqTrtAHnpsevrwxNOZWNw2XKmkdNZn:k9xH/9epoHHTxinpsOrwxNOF2edNZn
Behavioral task
behavioral1
Sample
28bd8590e77ef0296d6dfe30d3dea2328ee35ac3d1884a131535641d8b4dc229.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
28bd8590e77ef0296d6dfe30d3dea2328ee35ac3d1884a131535641d8b4dc229.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
28bd8590e77ef0296d6dfe30d3dea2328ee35ac3d1884a131535641d8b4dc229
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-