General
-
Target
6660e4255ba5681d1a70911c2da37cf051989ed684967c0cd6b80c9132ac7702.exe
-
Size
242KB
-
Sample
241119-z28dtssfmf
-
MD5
27df16747810b177de3ab7e1314eb6d6
-
SHA1
ba17bfc5f15b175cc605eae20b49342246dfaa30
-
SHA256
6660e4255ba5681d1a70911c2da37cf051989ed684967c0cd6b80c9132ac7702
-
SHA512
ea86e7f6d378175b293e1d38a3b2204e3ea0a11ceb17382475c398cd5bf85b0412928c34cf4bfee29d6207bc1c637b8bb38b29ea2d92df8327f3916a3bdffaab
-
SSDEEP
3072:sr85CKY33k4G7H+XtVXZMSmAxTeK1+31RP98NIMRUi/0OZZReUPFewA/Y:k9KY33k4Gjm+31Rqf0OpeUPkD/Y
Behavioral task
behavioral1
Sample
6660e4255ba5681d1a70911c2da37cf051989ed684967c0cd6b80c9132ac7702.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6660e4255ba5681d1a70911c2da37cf051989ed684967c0cd6b80c9132ac7702.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6660e4255ba5681d1a70911c2da37cf051989ed684967c0cd6b80c9132ac7702.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-