General
-
Target
5efe5af3a81f92d91ffbf18f05a49024f97a9ec7cc5e7547eabd23de05912a87
-
Size
868KB
-
Sample
241123-2yskba1ldw
-
MD5
33fa3c2f5237478b134d64fc07b0491b
-
SHA1
ad83ed224c34a2b962c3d5e08303449676c11f4e
-
SHA256
5efe5af3a81f92d91ffbf18f05a49024f97a9ec7cc5e7547eabd23de05912a87
-
SHA512
ac5499f6ed63f75506bce69286a5e38cea25fa856c7426a76b6d0dfccf94dd095b9921b53b9c7d027f0a430c76dfcb72909913cb353a5cd0c50bc6c8e89297dc
-
SSDEEP
24576:3T0acJXO+3hlPA5UkS/0grtrDpH6mytQy4OuRhVSxO:BchO+rA5jsrtr56AbRMO
Behavioral task
behavioral1
Sample
5efe5af3a81f92d91ffbf18f05a49024f97a9ec7cc5e7547eabd23de05912a87.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5efe5af3a81f92d91ffbf18f05a49024f97a9ec7cc5e7547eabd23de05912a87.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
5efe5af3a81f92d91ffbf18f05a49024f97a9ec7cc5e7547eabd23de05912a87
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-