General
-
Target
d04b73d07b61680bda170eb86a5a65ad62e0e3b122ff577251449e5d58bb19bcN.exe
-
Size
719KB
-
Sample
241130-zvnqvazjfm
-
MD5
d5fa75ad1ce07b13a32b8b5acd7c29f0
-
SHA1
e92121b871b9bc85fdc2d871909a33bc02e46420
-
SHA256
d04b73d07b61680bda170eb86a5a65ad62e0e3b122ff577251449e5d58bb19bc
-
SHA512
3dacc8ac1dc09298e211799f276487e72a4acf49b3781db41f0485d5451f06daf1ad9da2a55c8e421ce7a1c863bd33d46f31eec96ef2f720e68ee9b6858b6ebb
-
SSDEEP
6144:k972+Mq9zntr0sfGxhfLyYB4AYB4ruJqLOuDUm6QglV5MxqZ1zSAzSnUE4kwIz+Y:g2FqPz4UmTAV5MczzSAzStZz+p1k5
Malware Config
Targets
-
-
Target
d04b73d07b61680bda170eb86a5a65ad62e0e3b122ff577251449e5d58bb19bcN.exe
-
Size
719KB
-
MD5
d5fa75ad1ce07b13a32b8b5acd7c29f0
-
SHA1
e92121b871b9bc85fdc2d871909a33bc02e46420
-
SHA256
d04b73d07b61680bda170eb86a5a65ad62e0e3b122ff577251449e5d58bb19bc
-
SHA512
3dacc8ac1dc09298e211799f276487e72a4acf49b3781db41f0485d5451f06daf1ad9da2a55c8e421ce7a1c863bd33d46f31eec96ef2f720e68ee9b6858b6ebb
-
SSDEEP
6144:k972+Mq9zntr0sfGxhfLyYB4AYB4ruJqLOuDUm6QglV5MxqZ1zSAzSnUE4kwIz+Y:g2FqPz4UmTAV5MczzSAzStZz+p1k5
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-