General
-
Target
760124d64d0768752264f1e0cbaf3c11e187b457c04b97f3c5791aa9963ddfa0
-
Size
5.9MB
-
Sample
241029-bhm2sazjbn
-
MD5
a37aa0895086be9a9cac3c8c379f1a90
-
SHA1
8986841df3faa261873211c5385c96b63fbf5da2
-
SHA256
760124d64d0768752264f1e0cbaf3c11e187b457c04b97f3c5791aa9963ddfa0
-
SHA512
d61b1ee156e9cdb7f1bd9b1b8671d66036ac6679e1b633e4b649f606cfac63f3d5102a15269dab171e62a1ddce9298c53c432a645d6ce4ad022d979e32b727db
-
SSDEEP
98304:fC4T2T4KZAznI1f5fjXAJyhi0LXKDkBAjfjejYvpPd:fC4T2T44AznI1f5fjXsyhi0LaDkBAjfR
Malware Config
Targets
-
-
Target
760124d64d0768752264f1e0cbaf3c11e187b457c04b97f3c5791aa9963ddfa0
-
Size
5.9MB
-
MD5
a37aa0895086be9a9cac3c8c379f1a90
-
SHA1
8986841df3faa261873211c5385c96b63fbf5da2
-
SHA256
760124d64d0768752264f1e0cbaf3c11e187b457c04b97f3c5791aa9963ddfa0
-
SHA512
d61b1ee156e9cdb7f1bd9b1b8671d66036ac6679e1b633e4b649f606cfac63f3d5102a15269dab171e62a1ddce9298c53c432a645d6ce4ad022d979e32b727db
-
SSDEEP
98304:fC4T2T4KZAznI1f5fjXAJyhi0LXKDkBAjfjejYvpPd:fC4T2T44AznI1f5fjXsyhi0LaDkBAjfR
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-