General
-
Target
9508882e501a95425091d1864029213620cad091ea7d3dfd9bc860ae23f78efdN.exe
-
Size
844KB
-
Sample
241118-3k8j2sybkr
-
MD5
f1821e1c55188e17548e900a1f959e20
-
SHA1
b999e27416bf0fe328b317f2e01d04a136440262
-
SHA256
9508882e501a95425091d1864029213620cad091ea7d3dfd9bc860ae23f78efd
-
SHA512
0cd741575b6d0c3ef53fc08a1c5fa891ce70b9bfb4c8127c19a7e3c9186cf23a086cae43145946a2a33f9a264bdafaf6bbc8869be181a99e7d9215cf406dfafc
-
SSDEEP
12288:3M8dLT1gAlSxyVMxPIloRzdl089c7hU0oTKA9yYitBcx6ac3:9dLTTL+hzdlpghU0oVgYitBU6aw
Malware Config
Targets
-
-
Target
9508882e501a95425091d1864029213620cad091ea7d3dfd9bc860ae23f78efdN.exe
-
Size
844KB
-
MD5
f1821e1c55188e17548e900a1f959e20
-
SHA1
b999e27416bf0fe328b317f2e01d04a136440262
-
SHA256
9508882e501a95425091d1864029213620cad091ea7d3dfd9bc860ae23f78efd
-
SHA512
0cd741575b6d0c3ef53fc08a1c5fa891ce70b9bfb4c8127c19a7e3c9186cf23a086cae43145946a2a33f9a264bdafaf6bbc8869be181a99e7d9215cf406dfafc
-
SSDEEP
12288:3M8dLT1gAlSxyVMxPIloRzdl089c7hU0oTKA9yYitBcx6ac3:9dLTTL+hzdlpghU0oVgYitBU6aw
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-