General
-
Target
e8a70ed1e94947395ce6906bd3940cd0f025d27d6a48a50fcaa55c8feb4e58e5N
-
Size
238KB
-
Sample
241023-pbct5a1dnm
-
MD5
db5a2ee1a4729cf69c81609eac6d9f40
-
SHA1
c743a4342f66776ecd6a68ecf4df52f5937463a0
-
SHA256
e8a70ed1e94947395ce6906bd3940cd0f025d27d6a48a50fcaa55c8feb4e58e5
-
SHA512
72d9caf9a7596e9ddee1caa14bdb27322149261eb9dad30dc42cd2b51882ecba283c16970f5eafe52aba11c0d11fff785199a1e8bca5ad14b3dcbd032c38c8cf
-
SSDEEP
3072:sr85C/9Mh2XtL+it8l25CoNxcglrZyIWBvSM5uImoZhI:k9/9McXtLHKl2koNxDlVVM5bjk
Malware Config
Targets
-
-
Target
e8a70ed1e94947395ce6906bd3940cd0f025d27d6a48a50fcaa55c8feb4e58e5N
-
Size
238KB
-
MD5
db5a2ee1a4729cf69c81609eac6d9f40
-
SHA1
c743a4342f66776ecd6a68ecf4df52f5937463a0
-
SHA256
e8a70ed1e94947395ce6906bd3940cd0f025d27d6a48a50fcaa55c8feb4e58e5
-
SHA512
72d9caf9a7596e9ddee1caa14bdb27322149261eb9dad30dc42cd2b51882ecba283c16970f5eafe52aba11c0d11fff785199a1e8bca5ad14b3dcbd032c38c8cf
-
SSDEEP
3072:sr85C/9Mh2XtL+it8l25CoNxcglrZyIWBvSM5uImoZhI:k9/9McXtLHKl2koNxDlVVM5bjk
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-