General
-
Target
e80a6af96aca31ab3b7c6910b00f7739c876979a2fd447055120fd792d6adce4N
-
Size
1.4MB
-
Sample
241110-x2p65sspcx
-
MD5
d89165d317cffc9be0f12e45c59676f0
-
SHA1
b38b43ee8ff4443a20490d9cdf7e170aac4c299e
-
SHA256
e80a6af96aca31ab3b7c6910b00f7739c876979a2fd447055120fd792d6adce4
-
SHA512
ed1961a13c3f252adc76dbee0c1251d30f3f50bb3db5c093e7a51f00b0102f71232bedf72e3b592ee246f31e64787163802b1706e7b42a0cc822dbaed332b05b
-
SSDEEP
24576:fCGqJ7Xa2R1iJe/Oxcj0cccMtsxvhTO3g0iXxqvTBIF6yZ58+pFD7+WZV4w:6GIFT2qjBMY5TtXw7S6k8+6Wb4w
Malware Config
Targets
-
-
Target
e80a6af96aca31ab3b7c6910b00f7739c876979a2fd447055120fd792d6adce4N
-
Size
1.4MB
-
MD5
d89165d317cffc9be0f12e45c59676f0
-
SHA1
b38b43ee8ff4443a20490d9cdf7e170aac4c299e
-
SHA256
e80a6af96aca31ab3b7c6910b00f7739c876979a2fd447055120fd792d6adce4
-
SHA512
ed1961a13c3f252adc76dbee0c1251d30f3f50bb3db5c093e7a51f00b0102f71232bedf72e3b592ee246f31e64787163802b1706e7b42a0cc822dbaed332b05b
-
SSDEEP
24576:fCGqJ7Xa2R1iJe/Oxcj0cccMtsxvhTO3g0iXxqvTBIF6yZ58+pFD7+WZV4w:6GIFT2qjBMY5TtXw7S6k8+6Wb4w
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-