General
-
Target
8ae668beb8fba194d9769ab5429be66870e9348fa5b4ab37f2ab244abae7724a
-
Size
3.5MB
-
Sample
241102-pmdksswrel
-
MD5
611b70496f040720fc2e311abd4501cf
-
SHA1
c4823a7c12cc7b52d42d8d8e94c22a21f3d9df05
-
SHA256
8ae668beb8fba194d9769ab5429be66870e9348fa5b4ab37f2ab244abae7724a
-
SHA512
e1028d381290d5c82ebf6ef86377a55ceaa31b8f6252b5f831c377a2229789dee969657f2a5dd5a2b1bad765bf996b62802c99aa5768fdaad20251e1da7706e3
-
SSDEEP
98304:YTk8j4L5oaU3T3IkKn8oBnwEjhuaNzwa/dJX:YTkTWaU3T3IkA8oBnh1Nl//
Behavioral task
behavioral1
Sample
8ae668beb8fba194d9769ab5429be66870e9348fa5b4ab37f2ab244abae7724a.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
8ae668beb8fba194d9769ab5429be66870e9348fa5b4ab37f2ab244abae7724a.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
8ae668beb8fba194d9769ab5429be66870e9348fa5b4ab37f2ab244abae7724a
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-