General
-
Target
e66afb0ae3c92d6c02de6fda1b9f31bcaa78bca32bd35619d5edb67d722f6ec4N
-
Size
929KB
-
Sample
241022-qslc9syhrl
-
MD5
46109966a6005dc3ff766ace1d1a2d60
-
SHA1
54a38ecd3372ee05ce077641de098bb54b1072da
-
SHA256
e66afb0ae3c92d6c02de6fda1b9f31bcaa78bca32bd35619d5edb67d722f6ec4
-
SHA512
1d0a79e71a7955abe76630ad5387a4d391edaa04021a017b9ffde7c8052827379ce5aa5a3b874e984878a9b0a40cb8332b87a9153da7ca63d7eb7e464e4903e0
-
SSDEEP
24576:CUCLQFmCtu9S+A01Z5ngNCJWGOa6Mp12XV/ZmT9JFvh89muQL:v0h12XrmRJssL
Malware Config
Targets
-
-
Target
e66afb0ae3c92d6c02de6fda1b9f31bcaa78bca32bd35619d5edb67d722f6ec4N
-
Size
929KB
-
MD5
46109966a6005dc3ff766ace1d1a2d60
-
SHA1
54a38ecd3372ee05ce077641de098bb54b1072da
-
SHA256
e66afb0ae3c92d6c02de6fda1b9f31bcaa78bca32bd35619d5edb67d722f6ec4
-
SHA512
1d0a79e71a7955abe76630ad5387a4d391edaa04021a017b9ffde7c8052827379ce5aa5a3b874e984878a9b0a40cb8332b87a9153da7ca63d7eb7e464e4903e0
-
SSDEEP
24576:CUCLQFmCtu9S+A01Z5ngNCJWGOa6Mp12XV/ZmT9JFvh89muQL:v0h12XrmRJssL
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-