General
-
Target
38fa4922fa6f02a2d706caf1a43784134e68d9db778faa95df62ee9af8ee7121
-
Size
1.5MB
-
Sample
241108-1hzs1szglb
-
MD5
50d851a8b4fa8e6edddce24517ea83b2
-
SHA1
ff84cfaad371da7b6b9c9513fb9df6a435be7b44
-
SHA256
38fa4922fa6f02a2d706caf1a43784134e68d9db778faa95df62ee9af8ee7121
-
SHA512
9a5c009a31aa34c346261be7ca6aa85f354c59194addd0c4af93c68378966e80beb06abc4eb219a28c45f2da8e32ff55133698ed7d82ead3617f224b5cb0af44
-
SSDEEP
24576:rNweGnRgiff6mz3/IDfj6fNViWo5nqyTeVwj8owUJ5iXL9IXbE:5bfO6mz3+hWoNqyTCwj8ozJ5yL9IXbE
Malware Config
Targets
-
-
Target
38fa4922fa6f02a2d706caf1a43784134e68d9db778faa95df62ee9af8ee7121
-
Size
1.5MB
-
MD5
50d851a8b4fa8e6edddce24517ea83b2
-
SHA1
ff84cfaad371da7b6b9c9513fb9df6a435be7b44
-
SHA256
38fa4922fa6f02a2d706caf1a43784134e68d9db778faa95df62ee9af8ee7121
-
SHA512
9a5c009a31aa34c346261be7ca6aa85f354c59194addd0c4af93c68378966e80beb06abc4eb219a28c45f2da8e32ff55133698ed7d82ead3617f224b5cb0af44
-
SSDEEP
24576:rNweGnRgiff6mz3/IDfj6fNViWo5nqyTeVwj8owUJ5iXL9IXbE:5bfO6mz3+hWoNqyTCwj8ozJ5yL9IXbE
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-