General
-
Target
f6f9529f43721eec06c23436030dd9e5b72b2aabc5b3b793fd69283987cec421N
-
Size
412KB
-
Sample
241107-zr1w1a1mfk
-
MD5
4a774f1c7d79630cef93ac4fe5355660
-
SHA1
5243132489c740c61e5e8f546c457fccdb59e271
-
SHA256
f6f9529f43721eec06c23436030dd9e5b72b2aabc5b3b793fd69283987cec421
-
SHA512
8e821fa6604c34d4819a5d74b1320bbc67558c8db68680e346185dc2affb6c89c251ccb0d827cad38b5295d816ecbb01b7793ee3f7612af754fd2748b3c6c6c7
-
SSDEEP
3072:sr85CY0dTtpoNMtov0xESk8laASQS5P9FKFUbKWS/7TkF7A2+HgZjw2SPhWyr85C:k9Y0lINA/S5PnWUbKFk+HgZqPhB9
Malware Config
Targets
-
-
Target
f6f9529f43721eec06c23436030dd9e5b72b2aabc5b3b793fd69283987cec421N
-
Size
412KB
-
MD5
4a774f1c7d79630cef93ac4fe5355660
-
SHA1
5243132489c740c61e5e8f546c457fccdb59e271
-
SHA256
f6f9529f43721eec06c23436030dd9e5b72b2aabc5b3b793fd69283987cec421
-
SHA512
8e821fa6604c34d4819a5d74b1320bbc67558c8db68680e346185dc2affb6c89c251ccb0d827cad38b5295d816ecbb01b7793ee3f7612af754fd2748b3c6c6c7
-
SSDEEP
3072:sr85CY0dTtpoNMtov0xESk8laASQS5P9FKFUbKWS/7TkF7A2+HgZjw2SPhWyr85C:k9Y0lINA/S5PnWUbKFk+HgZqPhB9
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-