General
-
Target
112d39ce63fabea7a869d92dbfc4b1d54c0c0d79a18f55a84629c661376f047aN
-
Size
1.7MB
-
Sample
241020-qbcd2a1fqp
-
MD5
04f12435d4f5e0cd4df8e2d1b5b72840
-
SHA1
c67af71c416e488acd56669c83f9e9b983e6a73c
-
SHA256
112d39ce63fabea7a869d92dbfc4b1d54c0c0d79a18f55a84629c661376f047a
-
SHA512
e8aa49bc78bd1ab5f83f0570dba5a8b285d2e8b4911b48a418be78c6c3d7e7ac723e7dc6d27cbeb131097f2c26ca999df5ff835d87e16f6fe54ac7fa13681e12
-
SSDEEP
49152:xVHFXSFEmqiDqCbS1gickVsPTpuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuj:xVHFXSCmqsSgfkVsNuuuuuuuuuuuuuuz
Behavioral task
behavioral1
Sample
112d39ce63fabea7a869d92dbfc4b1d54c0c0d79a18f55a84629c661376f047aN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
112d39ce63fabea7a869d92dbfc4b1d54c0c0d79a18f55a84629c661376f047aN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
112d39ce63fabea7a869d92dbfc4b1d54c0c0d79a18f55a84629c661376f047aN
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-