General
-
Target
3fda575299dfe1e58ffc253959b312013aea3280dff1e45206743a33b9ff75ac
-
Size
6.4MB
-
Sample
241021-zw4hpawfpa
-
MD5
303c9af0766d42e0ab9456e52cab77d1
-
SHA1
04e77805e2418fc01e7bb62405e0340f46e524d7
-
SHA256
3fda575299dfe1e58ffc253959b312013aea3280dff1e45206743a33b9ff75ac
-
SHA512
27515a561cb18ae686d73253d86f48f8b668034a473c0616784f1d066e178d2881ea55a346443ccc0f5bd44f6887ece0577cc5c3e34bc8bad699fb22c0c86168
-
SSDEEP
98304:NgK7LbOwQM00tb3+9tG3Ts4WinCBRD+gucgkFvVDZM9A3bh5101s4z555HozXaWw:L7msb883gXBRD+gfgkFH3T6s4Dizrnc
Behavioral task
behavioral1
Sample
3fda575299dfe1e58ffc253959b312013aea3280dff1e45206743a33b9ff75ac.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3fda575299dfe1e58ffc253959b312013aea3280dff1e45206743a33b9ff75ac.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
3fda575299dfe1e58ffc253959b312013aea3280dff1e45206743a33b9ff75ac
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-