General
-
Target
5377116e662a19c5c7b6a7d479b6beb2c8b16d84e7468277de08399448f6e750
-
Size
367KB
-
Sample
241109-18malswngm
-
MD5
9e0f0ed171d1a767ad25ac7b82bbcda1
-
SHA1
f314d9c59072e5bbad0aa7910d0fe1cc84500c31
-
SHA256
5377116e662a19c5c7b6a7d479b6beb2c8b16d84e7468277de08399448f6e750
-
SHA512
1285a534c3c56e0d2ef71350aa5d856f12f18eb29bc0b1cd6e1b73585fa746ca846d15fb79966d12f022c614aeac6909923274ea9dee15cb92904f18d492b2ee
-
SSDEEP
6144:k9fNyLd9wh0yoyEoZtDiBwGIWMohTZUeGdQT9nIXSk:OyLghrorQDioowcT9sl
Behavioral task
behavioral1
Sample
5377116e662a19c5c7b6a7d479b6beb2c8b16d84e7468277de08399448f6e750.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5377116e662a19c5c7b6a7d479b6beb2c8b16d84e7468277de08399448f6e750.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-