General
-
Target
d07f9043cc844cb33f892b4b69c34276680bccbea035f7fab8b3590d9a6ec12f
-
Size
5.3MB
-
Sample
241125-ew37pstpeq
-
MD5
db58dc182212b01aabab5263b379e694
-
SHA1
b3e5bcb133d786efd5cb8802207656fd05c86172
-
SHA256
d07f9043cc844cb33f892b4b69c34276680bccbea035f7fab8b3590d9a6ec12f
-
SHA512
3505dbaa2dbdf7ae48877cf5de5415ec1c560fd92032357f2098351cd781fa1a6af59e017f5d6cd8f97ad37893a091005fc48e8afb7f5d20b179e0553605b25a
-
SSDEEP
98304:rnwUaw19nTKZ6Oo32kxlYWWDV2ED7hXYkMAXL95nnLONXauZeHV8nCX:rnbLeo1YWWUuBYkrh5nLOV0CY
Malware Config
Targets
-
-
Target
d07f9043cc844cb33f892b4b69c34276680bccbea035f7fab8b3590d9a6ec12f
-
Size
5.3MB
-
MD5
db58dc182212b01aabab5263b379e694
-
SHA1
b3e5bcb133d786efd5cb8802207656fd05c86172
-
SHA256
d07f9043cc844cb33f892b4b69c34276680bccbea035f7fab8b3590d9a6ec12f
-
SHA512
3505dbaa2dbdf7ae48877cf5de5415ec1c560fd92032357f2098351cd781fa1a6af59e017f5d6cd8f97ad37893a091005fc48e8afb7f5d20b179e0553605b25a
-
SSDEEP
98304:rnwUaw19nTKZ6Oo32kxlYWWDV2ED7hXYkMAXL95nnLONXauZeHV8nCX:rnbLeo1YWWUuBYkrh5nLOV0CY
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-