General
-
Target
80db8ec41509bccca6dcee4c771eb05fed879470fa032a1b9402798d1aa15f6a
-
Size
1.1MB
-
Sample
241125-a64trsvlbq
-
MD5
88a7dcf9565f0426331c57d79b9258d5
-
SHA1
b44e5720c7d8208c72a8eaf375b59e991030df92
-
SHA256
80db8ec41509bccca6dcee4c771eb05fed879470fa032a1b9402798d1aa15f6a
-
SHA512
295a05a7af2fcd6bd6bccda29e8fa424e08cd91d9c32cd75d6793cd22cdaf0181a7aa3d7f3ce366c74ac47aca99abf1b77c00a97cffe05c1dcf11f5edafeedbb
-
SSDEEP
12288:U7mxgK9ygLUP4y+KhcZ3SKKrea/PjLe4hVodAEbaNeCvlFRx6RWIzpAkoe33wUm:dl9F/XKuZ3SKKrLXXdhV+AXz6k49E
Behavioral task
behavioral1
Sample
80db8ec41509bccca6dcee4c771eb05fed879470fa032a1b9402798d1aa15f6a.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
80db8ec41509bccca6dcee4c771eb05fed879470fa032a1b9402798d1aa15f6a.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
80db8ec41509bccca6dcee4c771eb05fed879470fa032a1b9402798d1aa15f6a
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-