General
-
Target
aeee6cade26ce6f639cc2061bf7b1a91a38db06b3bea2658727e2a1a3c8706adN.exe
-
Size
252KB
-
Sample
241130-jz2khatkcj
-
MD5
aae4572fdb980aed25d39640b38a9130
-
SHA1
810b8aefbd022a7d60d513164c611f3c46767a80
-
SHA256
aeee6cade26ce6f639cc2061bf7b1a91a38db06b3bea2658727e2a1a3c8706ad
-
SHA512
715d769b619e1d15064add238fc6bf78320fb0e7d5bbfd2b4c0012439a01ccb83bdfab56b6a2ebfdd40a7a7f8f50917797e88287c22dfd2ceb8169bfcf9cf405
-
SSDEEP
3072:sr85ChwgmXResbMrGZ+4I1UsP4CgmxhKBt8pRkoXRpHuMDeuo:k91sS2g1DdYC8oXnuMauo
Malware Config
Targets
-
-
Target
aeee6cade26ce6f639cc2061bf7b1a91a38db06b3bea2658727e2a1a3c8706adN.exe
-
Size
252KB
-
MD5
aae4572fdb980aed25d39640b38a9130
-
SHA1
810b8aefbd022a7d60d513164c611f3c46767a80
-
SHA256
aeee6cade26ce6f639cc2061bf7b1a91a38db06b3bea2658727e2a1a3c8706ad
-
SHA512
715d769b619e1d15064add238fc6bf78320fb0e7d5bbfd2b4c0012439a01ccb83bdfab56b6a2ebfdd40a7a7f8f50917797e88287c22dfd2ceb8169bfcf9cf405
-
SSDEEP
3072:sr85ChwgmXResbMrGZ+4I1UsP4CgmxhKBt8pRkoXRpHuMDeuo:k91sS2g1DdYC8oXnuMauo
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-