General
-
Target
38511804d3d4048f96b90c929002d4553edf940290fbccf7c3e84f5936c6979f
-
Size
200KB
-
Sample
241126-1rcpvaxrbq
-
MD5
03f32da997183f0cb2300ffeb77aae30
-
SHA1
8aebe9cb8602f67faf0fd3ee2fb69179376440a3
-
SHA256
38511804d3d4048f96b90c929002d4553edf940290fbccf7c3e84f5936c6979f
-
SHA512
c408ee83e2590a6cc050c2ecb1f0e2059bd3ad6e0d5497dc8e4c3c3a1233a7413ea12052bcdcd4370928a04c6298cd283bf67e622421e2b453f834c5984aa1c6
-
SSDEEP
3072:sr85CJZ7KEpj6t1BZjb+UUT6Dydow32e9Z47cWbAoutAq3zwtX/o9:k9JBLpjIPZX+UUJAe9qFkoSH3WQ9
Behavioral task
behavioral1
Sample
38511804d3d4048f96b90c929002d4553edf940290fbccf7c3e84f5936c6979f.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
38511804d3d4048f96b90c929002d4553edf940290fbccf7c3e84f5936c6979f
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-