General
-
Target
d65330a9273a84f255d5795bdeca2903a8f91fb48dbe1ab67af7cbbb1854902eN
-
Size
2.3MB
-
Sample
241022-mj3dmssekj
-
MD5
381b0a73b6b303fae21a9f71fa0bb5f0
-
SHA1
073b6090c8a5f19b06a0a34eb71062c32e3bbef6
-
SHA256
d65330a9273a84f255d5795bdeca2903a8f91fb48dbe1ab67af7cbbb1854902e
-
SHA512
318055c9c19046d018f96bcaea1b6f33e2f5d221f71f4270ce0be8fc2f5438cdb5173a4a4e50d38a85f2d590c3afae5e9145c1a21eabdc295137b42157ba1e7c
-
SSDEEP
49152:cgXF8MfVzpgAgez8dfGmjEXT9LAA8c9OgbNuYoQ:5eMfVaOz8dO4EpHR8
Malware Config
Targets
-
-
Target
d65330a9273a84f255d5795bdeca2903a8f91fb48dbe1ab67af7cbbb1854902eN
-
Size
2.3MB
-
MD5
381b0a73b6b303fae21a9f71fa0bb5f0
-
SHA1
073b6090c8a5f19b06a0a34eb71062c32e3bbef6
-
SHA256
d65330a9273a84f255d5795bdeca2903a8f91fb48dbe1ab67af7cbbb1854902e
-
SHA512
318055c9c19046d018f96bcaea1b6f33e2f5d221f71f4270ce0be8fc2f5438cdb5173a4a4e50d38a85f2d590c3afae5e9145c1a21eabdc295137b42157ba1e7c
-
SSDEEP
49152:cgXF8MfVzpgAgez8dfGmjEXT9LAA8c9OgbNuYoQ:5eMfVaOz8dO4EpHR8
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-