General
-
Target
681032e44d3bc984481251c103019f4b9472117f9b11f1680a16f58f3acd31d7N.exe
-
Size
1.1MB
-
Sample
241119-trbn8ayfmj
-
MD5
90de78b92c95d736a8ece8de2b28efa0
-
SHA1
30dd04b48fae5fd8a1350f3cf47fbcc833df432b
-
SHA256
681032e44d3bc984481251c103019f4b9472117f9b11f1680a16f58f3acd31d7
-
SHA512
e38785234270c3f894564cc94d36660a160d76dd1d8d8a4f1cd32ec6fa1c2156dc7b6f6cf138be7af4077fe48c47721811303fe19365c705ff62d72e973c165b
-
SSDEEP
24576:o+/9A2YCDLq10eyJJe9Dx3qseCYVfuyZWcfwpg4V12qDUifJ4KNX2DHbs7+UA3lH:19A4LqD+66qJ3vNGDHg7vQUu
Malware Config
Targets
-
-
Target
681032e44d3bc984481251c103019f4b9472117f9b11f1680a16f58f3acd31d7N.exe
-
Size
1.1MB
-
MD5
90de78b92c95d736a8ece8de2b28efa0
-
SHA1
30dd04b48fae5fd8a1350f3cf47fbcc833df432b
-
SHA256
681032e44d3bc984481251c103019f4b9472117f9b11f1680a16f58f3acd31d7
-
SHA512
e38785234270c3f894564cc94d36660a160d76dd1d8d8a4f1cd32ec6fa1c2156dc7b6f6cf138be7af4077fe48c47721811303fe19365c705ff62d72e973c165b
-
SSDEEP
24576:o+/9A2YCDLq10eyJJe9Dx3qseCYVfuyZWcfwpg4V12qDUifJ4KNX2DHbs7+UA3lH:19A4LqD+66qJ3vNGDHg7vQUu
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-