General
-
Target
9c9513cfb83e8b63446a0c9451504b09ce8ff058b1207a30c0a6ad2e05f7aefbN.exe
-
Size
412KB
-
Sample
241125-zjbbdaskbm
-
MD5
3948f31471d617bcc6fec061eb3d0b50
-
SHA1
ea0f8361a1c07043e1e621597f792d60a617c62f
-
SHA256
9c9513cfb83e8b63446a0c9451504b09ce8ff058b1207a30c0a6ad2e05f7aefb
-
SHA512
dbef6162ee069ccb03d2f2f4e132dd26a3577f653d435739d090d3543e09b28af9c6a572a76b82dc624c511380dafec24e213fc31d1767ae12467d468d840f4a
-
SSDEEP
6144:k92eDEAOvvQg5ne4smxgHJMga2GbOoh0oD1vcMnpZ07pDnt:x82vvQgtEmxrbOobtnMFJ
Malware Config
Targets
-
-
Target
9c9513cfb83e8b63446a0c9451504b09ce8ff058b1207a30c0a6ad2e05f7aefbN.exe
-
Size
412KB
-
MD5
3948f31471d617bcc6fec061eb3d0b50
-
SHA1
ea0f8361a1c07043e1e621597f792d60a617c62f
-
SHA256
9c9513cfb83e8b63446a0c9451504b09ce8ff058b1207a30c0a6ad2e05f7aefb
-
SHA512
dbef6162ee069ccb03d2f2f4e132dd26a3577f653d435739d090d3543e09b28af9c6a572a76b82dc624c511380dafec24e213fc31d1767ae12467d468d840f4a
-
SSDEEP
6144:k92eDEAOvvQg5ne4smxgHJMga2GbOoh0oD1vcMnpZ07pDnt:x82vvQgtEmxrbOobtnMFJ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-