General
-
Target
4d6f56358f9407c1f404728ccc70c36ed41942cdcab6658045a17e1d0308223b
-
Size
1.3MB
-
Sample
241115-1rbsjstbjl
-
MD5
1910bca72ea1b731aaa67b12271a7248
-
SHA1
ac1780d5c694956faa51f9ed22034322deef2bc0
-
SHA256
4d6f56358f9407c1f404728ccc70c36ed41942cdcab6658045a17e1d0308223b
-
SHA512
a375f6e36dcb07015472bd313a1869b4cefae29ea2857a5d269ba60b451c21cf3136d112210e7ba0f38426333b67f5424b2c0ba00acb86e9ad66d9baa21a9d54
-
SSDEEP
24576:xRbMoyj2HEcjRDbUXpafKYvHbPITNLmmb0b9hLP/3xSvcXvEUGHe5UKCTK+u+nmK:xRbMo+RcjRXuafhmbY9hLP/3xkePCT9f
Malware Config
Targets
-
-
Target
4d6f56358f9407c1f404728ccc70c36ed41942cdcab6658045a17e1d0308223b
-
Size
1.3MB
-
MD5
1910bca72ea1b731aaa67b12271a7248
-
SHA1
ac1780d5c694956faa51f9ed22034322deef2bc0
-
SHA256
4d6f56358f9407c1f404728ccc70c36ed41942cdcab6658045a17e1d0308223b
-
SHA512
a375f6e36dcb07015472bd313a1869b4cefae29ea2857a5d269ba60b451c21cf3136d112210e7ba0f38426333b67f5424b2c0ba00acb86e9ad66d9baa21a9d54
-
SSDEEP
24576:xRbMoyj2HEcjRDbUXpafKYvHbPITNLmmb0b9hLP/3xSvcXvEUGHe5UKCTK+u+nmK:xRbMo+RcjRXuafhmbY9hLP/3xkePCT9f
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-