General
-
Target
3e044f99952802a1c2a932dea88b577979e8edb3fd6d42561335355754181448N.exe
-
Size
90KB
-
Sample
241130-jfpftssqap
-
MD5
705b2534b4128d4c3a9dbf6233160dd0
-
SHA1
0dd5ed3513522938059367e30acdd0a86737ee74
-
SHA256
3e044f99952802a1c2a932dea88b577979e8edb3fd6d42561335355754181448
-
SHA512
e4103ae738d62e1a3a9cafb6953dde7774b91f4830d6f6731c568eb7621ffe8b10ad0b4f13fed5ee9171a83b8775d434150d78929b761d11a5c3f9e012ae4127
-
SSDEEP
1536:JxqjQ+P04wsmJCfrbUFhf+q8RYLFCE7YekcbQSn3n:sr85CfrIyYBD
Malware Config
Targets
-
-
Target
3e044f99952802a1c2a932dea88b577979e8edb3fd6d42561335355754181448N.exe
-
Size
90KB
-
MD5
705b2534b4128d4c3a9dbf6233160dd0
-
SHA1
0dd5ed3513522938059367e30acdd0a86737ee74
-
SHA256
3e044f99952802a1c2a932dea88b577979e8edb3fd6d42561335355754181448
-
SHA512
e4103ae738d62e1a3a9cafb6953dde7774b91f4830d6f6731c568eb7621ffe8b10ad0b4f13fed5ee9171a83b8775d434150d78929b761d11a5c3f9e012ae4127
-
SSDEEP
1536:JxqjQ+P04wsmJCfrbUFhf+q8RYLFCE7YekcbQSn3n:sr85CfrIyYBD
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-