General
-
Target
e2267741eb58fe292bccca471dc1699da3b689f09243153f534b977c74e8e1fc
-
Size
94KB
-
Sample
241022-eqf5zsycnl
-
MD5
f429d32b2144ff451654680c8c8a5f85
-
SHA1
9d2686f59f4b57c9618dd52df9672707a17df071
-
SHA256
e2267741eb58fe292bccca471dc1699da3b689f09243153f534b977c74e8e1fc
-
SHA512
29b09e38ff33b82119e27d930e5bff79662424ac64a8c211dbf45c2ae8e3d01ac2614977cc8f4f1337735071e0dc77a5829a03e43eb600c5ad1e4b0cab5b1b3c
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJQPLQrbem58sfOlH9v2nsqBdJBDxoIKk:JxqjQ+P04wsmJCPP6V5ITqTxRYwBdt3
Behavioral task
behavioral1
Sample
e2267741eb58fe292bccca471dc1699da3b689f09243153f534b977c74e8e1fc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e2267741eb58fe292bccca471dc1699da3b689f09243153f534b977c74e8e1fc.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
e2267741eb58fe292bccca471dc1699da3b689f09243153f534b977c74e8e1fc
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files with its own code in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-