General
-
Target
d1051d21993ae5df42631f40b71bc975bc913d2b93392fa9b41b0705b9949433N.exe
-
Size
145KB
-
Sample
241112-2qrcaawleq
-
MD5
caa7078d47e3f6f312bbfd0a42c0b860
-
SHA1
fdd427abf10a8a7fd2e739f5917bfe0de1287fdd
-
SHA256
d1051d21993ae5df42631f40b71bc975bc913d2b93392fa9b41b0705b9949433
-
SHA512
178af224ccd90025aab94c67a22ba97c0acd394629d1c013d496145418fc6455dc46ff61ad2bc7435f9f81042c24eaef51eb702197e2d51a83e9b488db46857f
-
SSDEEP
1536:JxqjQ+P04wsmJCB7GhAtoaqPsTBKGzKC61XxONq2258a7FuZ1h7t8Oj7t8al648u:sr85CIhAtGsTBYONC8a7ghCcCw648d5a
Malware Config
Targets
-
-
Target
d1051d21993ae5df42631f40b71bc975bc913d2b93392fa9b41b0705b9949433N.exe
-
Size
145KB
-
MD5
caa7078d47e3f6f312bbfd0a42c0b860
-
SHA1
fdd427abf10a8a7fd2e739f5917bfe0de1287fdd
-
SHA256
d1051d21993ae5df42631f40b71bc975bc913d2b93392fa9b41b0705b9949433
-
SHA512
178af224ccd90025aab94c67a22ba97c0acd394629d1c013d496145418fc6455dc46ff61ad2bc7435f9f81042c24eaef51eb702197e2d51a83e9b488db46857f
-
SSDEEP
1536:JxqjQ+P04wsmJCB7GhAtoaqPsTBKGzKC61XxONq2258a7FuZ1h7t8Oj7t8al648u:sr85CIhAtGsTBYONC8a7ghCcCw648d5a
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-