General
-
Target
266a0f61ea982198cb9132cd2ef888dc042af5be52e4b03b257b9d1283f588f3N
-
Size
1.8MB
-
Sample
241012-nhzrsssdqp
-
MD5
e8ce528d369c041ceaa0042a3a194400
-
SHA1
b7304945dbf6e80175532868623b414e9a60dab8
-
SHA256
266a0f61ea982198cb9132cd2ef888dc042af5be52e4b03b257b9d1283f588f3
-
SHA512
e1173bd3f84ee63278cbeec131d3431276c1f2d83fe7d9f69c9a7d824f44dc2b651499d4d50e843db991afed595640ddf09e64d4dc175200ecac467959cc9c24
-
SSDEEP
49152:3avacdDzEQ/tRxTdUmzOHQUyb/NQYN9R9mid9oLFQNrzbyfGc7:wXdXEQ/tz6+bFQYN9R9midAF8u
Behavioral task
behavioral1
Sample
266a0f61ea982198cb9132cd2ef888dc042af5be52e4b03b257b9d1283f588f3N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
266a0f61ea982198cb9132cd2ef888dc042af5be52e4b03b257b9d1283f588f3N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-