General
-
Target
1c1b77692d3a593ee16dd40632845d5692fa821490234eb8e69c1619d7d6778cN.exe
-
Size
826KB
-
Sample
241117-hpvhrsthqr
-
MD5
2e94bb48534d82975039b48aaf77d6d0
-
SHA1
d3fe95d42d5012157b2be988e9024aa0877538cc
-
SHA256
1c1b77692d3a593ee16dd40632845d5692fa821490234eb8e69c1619d7d6778c
-
SHA512
0bdf71892f02ac7b76a6e36d8e6b3e48c79d3144e1943d9682a17f47dfde208340556006fadeed00017ca0964898e44d7c944ccaa11b3f48cccca94439cdf1ee
-
SSDEEP
12288:ItffLBk3Q45wU0/St0Z4j9lAx5ylTxEIyTXuZYEA6:I9uQ45oyj9lE5yFuTX/16
Malware Config
Targets
-
-
Target
1c1b77692d3a593ee16dd40632845d5692fa821490234eb8e69c1619d7d6778cN.exe
-
Size
826KB
-
MD5
2e94bb48534d82975039b48aaf77d6d0
-
SHA1
d3fe95d42d5012157b2be988e9024aa0877538cc
-
SHA256
1c1b77692d3a593ee16dd40632845d5692fa821490234eb8e69c1619d7d6778c
-
SHA512
0bdf71892f02ac7b76a6e36d8e6b3e48c79d3144e1943d9682a17f47dfde208340556006fadeed00017ca0964898e44d7c944ccaa11b3f48cccca94439cdf1ee
-
SSDEEP
12288:ItffLBk3Q45wU0/St0Z4j9lAx5ylTxEIyTXuZYEA6:I9uQ45oyj9lE5yFuTX/16
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-