General
-
Target
8a720f62737d4ca0b479083ddb7834cd94673a0b821bfbd60913c1329c825d77.exe
-
Size
7.0MB
-
Sample
241127-2xcsgazran
-
MD5
062b0e0b1ed4d198852647205998bbf3
-
SHA1
4f58fa0506f4105454aaf9b2b4453e11940d2484
-
SHA256
8a720f62737d4ca0b479083ddb7834cd94673a0b821bfbd60913c1329c825d77
-
SHA512
35691d808fd1b84deed77706ba956939360960250d8fa1c2d9dde609268c173e8266a63d0c50484910220b693cec43e064e990815d83427f55f633501e040d86
-
SSDEEP
98304:cA+2LWamCm7fXxMLEO1s4lJ1okbGCz2AEpmRQvFLXDlfseNHu:g6v1hG/AEpmavFLXesHu
Malware Config
Targets
-
-
Target
8a720f62737d4ca0b479083ddb7834cd94673a0b821bfbd60913c1329c825d77.exe
-
Size
7.0MB
-
MD5
062b0e0b1ed4d198852647205998bbf3
-
SHA1
4f58fa0506f4105454aaf9b2b4453e11940d2484
-
SHA256
8a720f62737d4ca0b479083ddb7834cd94673a0b821bfbd60913c1329c825d77
-
SHA512
35691d808fd1b84deed77706ba956939360960250d8fa1c2d9dde609268c173e8266a63d0c50484910220b693cec43e064e990815d83427f55f633501e040d86
-
SSDEEP
98304:cA+2LWamCm7fXxMLEO1s4lJ1okbGCz2AEpmRQvFLXDlfseNHu:g6v1hG/AEpmavFLXesHu
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-