General
-
Target
eb1c2cd4e28ee72651f2c9d76cdf18dc4c3e55efa97d921b36909b89df1f1cbdN.exe
-
Size
265KB
-
Sample
241130-eb7dma1jcv
-
MD5
929bc96cc8deb8a5637e2a8bfa1e30f0
-
SHA1
7f2a6af568cc7b067554444e1708c5081a8fc664
-
SHA256
eb1c2cd4e28ee72651f2c9d76cdf18dc4c3e55efa97d921b36909b89df1f1cbd
-
SHA512
17e2e116d9d0724756322673818338ad4f5fece1c03c8e79174b3ce4aa987b8d436e858022f94c9d6d6110b3e0e7ba57f017f55bfb1ffe73d260dab77f3eafd1
-
SSDEEP
3072:sr85CVLpp4bVWWwokzaLS+z9R4DJQPk4VsLwJ1JkxMqXyryr85Cxr85C:k9JOw/OLSvY9sLwfTqXj9N9
Malware Config
Targets
-
-
Target
eb1c2cd4e28ee72651f2c9d76cdf18dc4c3e55efa97d921b36909b89df1f1cbdN.exe
-
Size
265KB
-
MD5
929bc96cc8deb8a5637e2a8bfa1e30f0
-
SHA1
7f2a6af568cc7b067554444e1708c5081a8fc664
-
SHA256
eb1c2cd4e28ee72651f2c9d76cdf18dc4c3e55efa97d921b36909b89df1f1cbd
-
SHA512
17e2e116d9d0724756322673818338ad4f5fece1c03c8e79174b3ce4aa987b8d436e858022f94c9d6d6110b3e0e7ba57f017f55bfb1ffe73d260dab77f3eafd1
-
SSDEEP
3072:sr85CVLpp4bVWWwokzaLS+z9R4DJQPk4VsLwJ1JkxMqXyryr85Cxr85C:k9JOw/OLSvY9sLwfTqXj9N9
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-