General
-
Target
8b068ca0e882d27c8809fca03d76a3c92ea8b54f74437d792c1ff64e0d9af57aN.exe
-
Size
108KB
-
Sample
241201-3nv35asqhr
-
MD5
8101194d35be96ec676c505f4e4144f0
-
SHA1
3bff62a487227fc420fe1b1bd0a266034e2ed7fe
-
SHA256
8b068ca0e882d27c8809fca03d76a3c92ea8b54f74437d792c1ff64e0d9af57a
-
SHA512
9263834731b986304bded1107ac17baa4cb742ba6c4a570095ae210610fb36b9a6788e964b65d4f989ff7afa6d0ea05976b335d3b5824600747b97d147937fef
-
SSDEEP
1536:JxqjQ+P04wsmJC1Vk2qsk8F+ERR8o3CiGNUc5LvWQkZ55+s0ynA:sr85Cpo8FR8o3Ci/c5LuZA
Malware Config
Targets
-
-
Target
8b068ca0e882d27c8809fca03d76a3c92ea8b54f74437d792c1ff64e0d9af57aN.exe
-
Size
108KB
-
MD5
8101194d35be96ec676c505f4e4144f0
-
SHA1
3bff62a487227fc420fe1b1bd0a266034e2ed7fe
-
SHA256
8b068ca0e882d27c8809fca03d76a3c92ea8b54f74437d792c1ff64e0d9af57a
-
SHA512
9263834731b986304bded1107ac17baa4cb742ba6c4a570095ae210610fb36b9a6788e964b65d4f989ff7afa6d0ea05976b335d3b5824600747b97d147937fef
-
SSDEEP
1536:JxqjQ+P04wsmJC1Vk2qsk8F+ERR8o3CiGNUc5LvWQkZ55+s0ynA:sr85Cpo8FR8o3Ci/c5LuZA
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-