General
-
Target
1ab2db3c5c59333618aebbda8b0d92dd4472a904f7bd0fdaaee63821e6da702c
-
Size
202KB
-
Sample
241119-yphf7sscmp
-
MD5
b9f8e20268001db67ad1ce23d8beaa2e
-
SHA1
ee2f0af8e91ba11b1f107b08a575a933bb7bf1e4
-
SHA256
1ab2db3c5c59333618aebbda8b0d92dd4472a904f7bd0fdaaee63821e6da702c
-
SHA512
918922ed5f886272efa89b3e9747a12dd1fd681cfc24ed6dfdb4bb285127c6e674f1e7ab43bc6b1b8453ff34add7fc739f05099fdd9332e4c4cdf252554584af
-
SSDEEP
3072:sr85Cfbs2OJiKF/ODxT5CyV9u2jNI8mGKta93TRDiicws0Ms:k9DbJ39uyNJh2wXl
Malware Config
Targets
-
-
Target
1ab2db3c5c59333618aebbda8b0d92dd4472a904f7bd0fdaaee63821e6da702c
-
Size
202KB
-
MD5
b9f8e20268001db67ad1ce23d8beaa2e
-
SHA1
ee2f0af8e91ba11b1f107b08a575a933bb7bf1e4
-
SHA256
1ab2db3c5c59333618aebbda8b0d92dd4472a904f7bd0fdaaee63821e6da702c
-
SHA512
918922ed5f886272efa89b3e9747a12dd1fd681cfc24ed6dfdb4bb285127c6e674f1e7ab43bc6b1b8453ff34add7fc739f05099fdd9332e4c4cdf252554584af
-
SSDEEP
3072:sr85Cfbs2OJiKF/ODxT5CyV9u2jNI8mGKta93TRDiicws0Ms:k9DbJ39uyNJh2wXl
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-