General
Target: 12e3cccbe7baf412b75695c9d7f5caf2f87a808ae81a08a59ed96c58d9ede3d4N
Size: 231KB
Sample: 241026-debkpaydng
MD5: 4103c4ec96a89ea46b13c3ce86f22590
SHA1: 6a00e6146904b87fb0e907d3036ebfd735c3de00
SHA256: 12e3cccbe7baf412b75695c9d7f5caf2f87a808ae81a08a59ed96c58d9ede3d4
SHA512: 17f119e0dc9e3216aae292eba58d9f8874fdd27f840279ddf241ac1644fb79711fa0fa187d7873c6702c942200e82ba9703306ef5ca2f7f43ed41029d811fd9c
SSDEEP: 6144:k9erN4GxXTyPZWAKCVc+rgLEPxpAnQpAnP:zryGx0UCILEPHAKAP
Behavioral task: behavioral1
Sample: 12e3cccbe7baf412b75695c9d7f5caf2f87a808ae81a08a59ed96c58d9ede3d4N.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 12e3cccbe7baf412b75695c9d7f5caf2f87a808ae81a08a59ed96c58d9ede3d4N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 12e3cccbe7baf412b75695c9d7f5caf2f87a808ae81a08a59ed96c58d9ede3d4N
Score: 10/10
Detect Neshta payload
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Neshta family
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Modifies system executable filetype association