General
-
Target
17ae7861146790d8cfd8d2195edadf1753b0a7fb241b1ae8991ff6d5c356bdbcN
-
Size
1.4MB
-
Sample
241014-qvecqsxgjf
-
MD5
cd5b0287327f34d60f7047aa9cddda80
-
SHA1
b412fec2a9195489b627c1be056f676397a8de3b
-
SHA256
17ae7861146790d8cfd8d2195edadf1753b0a7fb241b1ae8991ff6d5c356bdbc
-
SHA512
f9529f48f4a3b7590aa2a0ba0a0865e57b5b1cd2a2b90fe926709c670203b109c27e321d66a780626f394a84bc0de015ea28dee2d0eb2dc0b4717f1542f939cb
-
SSDEEP
24576:DlO4qXuICC77dqfmi69RKZHgp5KmQ9+4b6Ul0:pO4qepfmi+RG1mQ8S6Y0
Malware Config
Targets
-
-
Target
17ae7861146790d8cfd8d2195edadf1753b0a7fb241b1ae8991ff6d5c356bdbcN
-
Size
1.4MB
-
MD5
cd5b0287327f34d60f7047aa9cddda80
-
SHA1
b412fec2a9195489b627c1be056f676397a8de3b
-
SHA256
17ae7861146790d8cfd8d2195edadf1753b0a7fb241b1ae8991ff6d5c356bdbc
-
SHA512
f9529f48f4a3b7590aa2a0ba0a0865e57b5b1cd2a2b90fe926709c670203b109c27e321d66a780626f394a84bc0de015ea28dee2d0eb2dc0b4717f1542f939cb
-
SSDEEP
24576:DlO4qXuICC77dqfmi69RKZHgp5KmQ9+4b6Ul0:pO4qepfmi+RG1mQ8S6Y0
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-