General
-
Target
6b0a02dac907e95a899f5aa6e540d4a5c76dcd9f136da44eff496040ddfabbf6N.exe
-
Size
404KB
-
Sample
241125-qchmfaxqex
-
MD5
7669095339ef3ba8ecc243fb764db290
-
SHA1
4e91ef6578b193835750804d62100ccddf6629e9
-
SHA256
6b0a02dac907e95a899f5aa6e540d4a5c76dcd9f136da44eff496040ddfabbf6
-
SHA512
56bb7fccdedcd7a42a8630d9cee0f26577e547f60933578db1a53a7daaef72990c26a6c63fff53b29626f513c83fa5d471a126144e9fef6c26b2840258850937
-
SSDEEP
6144:k9pYXf9sWreD5D+Ox1hwDXPtBSp5GL9p:uYX45D+QSTtoTG
Behavioral task
behavioral1
Sample
6b0a02dac907e95a899f5aa6e540d4a5c76dcd9f136da44eff496040ddfabbf6N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6b0a02dac907e95a899f5aa6e540d4a5c76dcd9f136da44eff496040ddfabbf6N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6b0a02dac907e95a899f5aa6e540d4a5c76dcd9f136da44eff496040ddfabbf6N.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-