General
-
Target
2c4bc83403c7de57d8d0da00fa55d73f8f19c521a0a7245be15172098b094cd0N.exe
-
Size
240KB
-
Sample
241126-k9p5wsvlgv
-
MD5
fc7a51c4ac8d7cb81a833b90a699c3f0
-
SHA1
266323b6fad483b8bda8348e225a4f8c899cf996
-
SHA256
2c4bc83403c7de57d8d0da00fa55d73f8f19c521a0a7245be15172098b094cd0
-
SHA512
2ab2294bc444a684bc41fa9d2317a1ac164ffc506230e34d9cb9b1ef0b1cfdb9cc33870911043a8aa69dc3dcc35ec1d71de2e3dab917abd25dd8bdcecf370024
-
SSDEEP
3072:sr85CwzK8Ezz4MBIvQAkb0gVPrmeo90o8sr8QCJIg43a/LVdJyh:k9wjEzzrBIO08QxgVdC
Malware Config
Targets
-
-
Target
2c4bc83403c7de57d8d0da00fa55d73f8f19c521a0a7245be15172098b094cd0N.exe
-
Size
240KB
-
MD5
fc7a51c4ac8d7cb81a833b90a699c3f0
-
SHA1
266323b6fad483b8bda8348e225a4f8c899cf996
-
SHA256
2c4bc83403c7de57d8d0da00fa55d73f8f19c521a0a7245be15172098b094cd0
-
SHA512
2ab2294bc444a684bc41fa9d2317a1ac164ffc506230e34d9cb9b1ef0b1cfdb9cc33870911043a8aa69dc3dcc35ec1d71de2e3dab917abd25dd8bdcecf370024
-
SSDEEP
3072:sr85CwzK8Ezz4MBIvQAkb0gVPrmeo90o8sr8QCJIg43a/LVdJyh:k9wjEzzrBIO08QxgVdC
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-