General
-
Target
396c4dc77d4f874f14b4bc566af446b12d33a1af8ad5f15a3c853600d20e3b1bN
-
Size
5.6MB
-
Sample
241020-j53prazejn
-
MD5
38e5e278d59b42a787a7493fd17c0980
-
SHA1
19bf9ac084b118d34953ff1d62a71fbe0d7f7fd7
-
SHA256
396c4dc77d4f874f14b4bc566af446b12d33a1af8ad5f15a3c853600d20e3b1b
-
SHA512
71b8183d6a4dcfcab89f40892912711a9f4fb6cd7a49683c743792eb0ac3c12f1fd0cf4f1138ebfd97176c603df516d0f0f3e136ca86288c17dbe766169c2ea9
-
SSDEEP
98304:xVHFXSCmqsSgfkVsNuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuuuuuuuuuu+:xVHFXSCmqsMW1WbvEUJ9Fwu3jVge5dmH
Malware Config
Targets
-
-
Target
396c4dc77d4f874f14b4bc566af446b12d33a1af8ad5f15a3c853600d20e3b1bN
-
Size
5.6MB
-
MD5
38e5e278d59b42a787a7493fd17c0980
-
SHA1
19bf9ac084b118d34953ff1d62a71fbe0d7f7fd7
-
SHA256
396c4dc77d4f874f14b4bc566af446b12d33a1af8ad5f15a3c853600d20e3b1b
-
SHA512
71b8183d6a4dcfcab89f40892912711a9f4fb6cd7a49683c743792eb0ac3c12f1fd0cf4f1138ebfd97176c603df516d0f0f3e136ca86288c17dbe766169c2ea9
-
SSDEEP
98304:xVHFXSCmqsSgfkVsNuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuuuuuuuuuu+:xVHFXSCmqsMW1WbvEUJ9Fwu3jVge5dmH
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-