General
-
Target
a72bf7d000c7238202ad4c4f6b5141314263c4c43df454ff723caf6e4d0e9765.exe
-
Size
412KB
-
Sample
241126-kfegaszkfm
-
MD5
78b9592891fdb9265ba221aef8a703f3
-
SHA1
9ba4a2a1b9aa4b0bf05e23e5dc9f2cf816ad3132
-
SHA256
a72bf7d000c7238202ad4c4f6b5141314263c4c43df454ff723caf6e4d0e9765
-
SHA512
d8fa17b8c54d487b36f7210e822fceeed2a5766142b4dcf7061b6f7e2e7e277143ff7b37cff9bb89be035e717faf296cd11f14c832bc2ce4eead94c4bac8e87b
-
SSDEEP
6144:k92eDEAOvvQg5ne4smxgHJMga2GbOoh0oD1vcMnpZ07pDnX:x82vvQgtEmxrbOobtnMFr
Malware Config
Targets
-
-
Target
a72bf7d000c7238202ad4c4f6b5141314263c4c43df454ff723caf6e4d0e9765.exe
-
Size
412KB
-
MD5
78b9592891fdb9265ba221aef8a703f3
-
SHA1
9ba4a2a1b9aa4b0bf05e23e5dc9f2cf816ad3132
-
SHA256
a72bf7d000c7238202ad4c4f6b5141314263c4c43df454ff723caf6e4d0e9765
-
SHA512
d8fa17b8c54d487b36f7210e822fceeed2a5766142b4dcf7061b6f7e2e7e277143ff7b37cff9bb89be035e717faf296cd11f14c832bc2ce4eead94c4bac8e87b
-
SSDEEP
6144:k92eDEAOvvQg5ne4smxgHJMga2GbOoh0oD1vcMnpZ07pDnX:x82vvQgtEmxrbOobtnMFr
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-