General
-
Target
92d81b983026114f92dc900fa51ff57f3481a25667fc519a3a2184bf3a1f91d4N.exe
-
Size
4.7MB
-
Sample
241130-hvkkraslaj
-
MD5
828fe88947b73547a8b077cd93b9f1f0
-
SHA1
9e032dea763f844dd9f72b350dbf7442e21e6ccd
-
SHA256
92d81b983026114f92dc900fa51ff57f3481a25667fc519a3a2184bf3a1f91d4
-
SHA512
7ee652bc7e86a82c2c158ca43937f2a7c868d6d58e6662e943eecebd9550e3911559e4e8e0248d6db7e34cb0f4ade44d2e1bc123a5c15b1d241f2ca14fa1d567
-
SSDEEP
98304:xX1ZA1BP/OlsLzFmNfW6FJKxxfZA4d8aaNRQkZyZ1ARa:PZAD8dRQk4Z1ARa
Malware Config
Targets
-
-
Target
92d81b983026114f92dc900fa51ff57f3481a25667fc519a3a2184bf3a1f91d4N.exe
-
Size
4.7MB
-
MD5
828fe88947b73547a8b077cd93b9f1f0
-
SHA1
9e032dea763f844dd9f72b350dbf7442e21e6ccd
-
SHA256
92d81b983026114f92dc900fa51ff57f3481a25667fc519a3a2184bf3a1f91d4
-
SHA512
7ee652bc7e86a82c2c158ca43937f2a7c868d6d58e6662e943eecebd9550e3911559e4e8e0248d6db7e34cb0f4ade44d2e1bc123a5c15b1d241f2ca14fa1d567
-
SSDEEP
98304:xX1ZA1BP/OlsLzFmNfW6FJKxxfZA4d8aaNRQkZyZ1ARa:PZAD8dRQk4Z1ARa
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-