General
-
Target
06d906c884cf44d070af9b37f1eb630e3f4d4d51965051c977308dae53a7ee13N.exe
-
Size
173KB
-
Sample
241126-zfsfgsvnhp
-
MD5
739342ecd4ceea0512023b97ed456190
-
SHA1
3378f803fba9a33fef691d5b5a8db906af8732b9
-
SHA256
06d906c884cf44d070af9b37f1eb630e3f4d4d51965051c977308dae53a7ee13
-
SHA512
c1338f28c652545982ece4097a850d97978730ee1ed4b970583db679a653319dcb7512d286219a54a8734d6664862313973c878067edc35c12273866b14fd25e
-
SSDEEP
3072:sr85CVooxlgKfSndp0CZtMHpz68Ab7jr85C:k9VFgKadJxD9
Behavioral task
behavioral1
Sample
06d906c884cf44d070af9b37f1eb630e3f4d4d51965051c977308dae53a7ee13N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06d906c884cf44d070af9b37f1eb630e3f4d4d51965051c977308dae53a7ee13N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
06d906c884cf44d070af9b37f1eb630e3f4d4d51965051c977308dae53a7ee13N.exe
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-