General
-
Target
f3289e5f182034250198a4b98a6ecd432c8e4115abd643bf2b54f4d53d657dce.exe
-
Size
146KB
-
Sample
241126-gbnbvsxkfs
-
MD5
c227d66f141fa1a506166c8b97d7b794
-
SHA1
317851a8b00dab7e10a55907028eceb48fd75fbf
-
SHA256
f3289e5f182034250198a4b98a6ecd432c8e4115abd643bf2b54f4d53d657dce
-
SHA512
dada18f5a0b31bd42f69786604f0a83c27dfcfb978257497c66592916937f5c114840a4d1c13a40abd3c5fce29d5cf92b2fcb439f4b15e683535b3ef32960e09
-
SSDEEP
3072:sr85CkkbAYn2GgYlBYN2fHYTo+tMt8wDSRUTZ:k9xbAMpgY3gTW8DRUTZ
Behavioral task
behavioral1
Sample
f3289e5f182034250198a4b98a6ecd432c8e4115abd643bf2b54f4d53d657dce.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
f3289e5f182034250198a4b98a6ecd432c8e4115abd643bf2b54f4d53d657dce.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-