General
-
Target
7d51dd7a7e051f345bdcd233db8d79224d58f913342e416e7752141698dd88a6
-
Size
636KB
-
Sample
241018-bewvhszdnj
-
MD5
8d01be838087f42c2a9ed7490332ccda
-
SHA1
28c090e917a17d2cd218b6fd43c413fb939d52c0
-
SHA256
7d51dd7a7e051f345bdcd233db8d79224d58f913342e416e7752141698dd88a6
-
SHA512
9a63ae887a6f1d57603d9d99733c9a2f267bea16844ab41e1b5fd5c51d0bb934c7dc610fce5f4a58efd3737e5b82413922325aad8ade298cf95a07e08cd3d701
-
SSDEEP
12288:WkKH+B9v0p5bu9TlLfUTdwq1UfPiaAmfNXmehLUI9:eH+nv0vbuhZUTdKJmed9
Behavioral task
behavioral1
Sample
7d51dd7a7e051f345bdcd233db8d79224d58f913342e416e7752141698dd88a6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7d51dd7a7e051f345bdcd233db8d79224d58f913342e416e7752141698dd88a6.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
7d51dd7a7e051f345bdcd233db8d79224d58f913342e416e7752141698dd88a6
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-