General
-
Target
b5af7af222e999c18c5a12db5d077e158cd406c7a44db64d0786aa82de54b7bfN
-
Size
325KB
-
Sample
241020-ne8kjaxcrl
-
MD5
ca63742df0ecfb061628cd8614716750
-
SHA1
4c8ef9715fd0d1d37e59ddfb75ec9ba17f619868
-
SHA256
b5af7af222e999c18c5a12db5d077e158cd406c7a44db64d0786aa82de54b7bf
-
SHA512
5cec481b41e56b853aa7414396a8f11f0fb3ef599679cd1987e51ddc08d5f42861b444c73d382b07469077da0acf97a80f47e42c6100e6a4382c91b2e6a07fad
-
SSDEEP
6144:g9QpWYoTOLHIsPPzAdnzdYunYPMvo7bAHdwSc:dpWYoaLHF3z0zdOPMvo7bCd9c
Static task
static1
Behavioral task
behavioral1
Sample
b5af7af222e999c18c5a12db5d077e158cd406c7a44db64d0786aa82de54b7bfN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b5af7af222e999c18c5a12db5d077e158cd406c7a44db64d0786aa82de54b7bfN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
b5af7af222e999c18c5a12db5d077e158cd406c7a44db64d0786aa82de54b7bfN
Score
10/10
-
Neshta
Malware from the Neshta family infects other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-