General
-
Target
c68176df1040d13708aa47394eb561ea3e0b9486a8e7f0598889d7b2dc913e02N.exe
-
Size
325KB
-
Sample
241127-xy8t3sspbm
-
MD5
247b6733880e1ec240a7bf0f833711c0
-
SHA1
7d3d0687806de3a4cfd1aac96069781034a7f3a3
-
SHA256
c68176df1040d13708aa47394eb561ea3e0b9486a8e7f0598889d7b2dc913e02
-
SHA512
6b6602627ce6a774e9b543c86d629c1c7cc2a4c821bed4e61f9fcab56651a5b7155927cfaae089066ae19bcae84bbb4b94a08b0ff92a4cdf9a36a3b78ce61326
-
SSDEEP
3072:sr85CE76YL/2R5BaxvZ2Ms/ujEVdInSClnbQTUDlRxPr85CE7clRxP:k9yu8gMqUn7lnfBr9zn
Behavioral task
behavioral1
Sample
c68176df1040d13708aa47394eb561ea3e0b9486a8e7f0598889d7b2dc913e02N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c68176df1040d13708aa47394eb561ea3e0b9486a8e7f0598889d7b2dc913e02N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c68176df1040d13708aa47394eb561ea3e0b9486a8e7f0598889d7b2dc913e02N.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-