General
-
Target
e16b967d465e20a0f39149273b0e350e092695784bebcc1ee2d4377ced91a998N.exe
-
Size
4.0MB
-
Sample
241124-qlhnss1mfx
-
MD5
7d2b8d6f85c00168562f5eb9ded39500
-
SHA1
198801ce21ba4243cf58c9dbefc319580ea3b81c
-
SHA256
e16b967d465e20a0f39149273b0e350e092695784bebcc1ee2d4377ced91a998
-
SHA512
93a226904bbac1954c90c94e9624c7bc0214bc9f76de23ee8fad76c258b69de76c2f11623c335e2db8f43cf73ae34c9957af52d90fb9edb25d8d4f3dd7b51bcd
-
SSDEEP
98304:7KCGgRNiPGkpfymQiRRwrGi0Csn6lNGBLSpng8NJAtmlwc8:OCgtcYwo6lULSpng8f8
Malware Config
Targets
-
-
Target
e16b967d465e20a0f39149273b0e350e092695784bebcc1ee2d4377ced91a998N.exe
-
Size
4.0MB
-
MD5
7d2b8d6f85c00168562f5eb9ded39500
-
SHA1
198801ce21ba4243cf58c9dbefc319580ea3b81c
-
SHA256
e16b967d465e20a0f39149273b0e350e092695784bebcc1ee2d4377ced91a998
-
SHA512
93a226904bbac1954c90c94e9624c7bc0214bc9f76de23ee8fad76c258b69de76c2f11623c335e2db8f43cf73ae34c9957af52d90fb9edb25d8d4f3dd7b51bcd
-
SSDEEP
98304:7KCGgRNiPGkpfymQiRRwrGi0Csn6lNGBLSpng8NJAtmlwc8:OCgtcYwo6lULSpng8f8
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-