General
-
Target
de291eca2a471887a85b0568cd25a13bc55df4f62412be9af57cf8b6e1007059
-
Size
832KB
-
Sample
241201-ek4dbswnav
-
MD5
5989e7e366fa54b10e3bcafc0837de80
-
SHA1
5c8ffa268d3f3facf4cc580b3e0dac401e706645
-
SHA256
de291eca2a471887a85b0568cd25a13bc55df4f62412be9af57cf8b6e1007059
-
SHA512
8906822bf94c15b00bc8efe9a3b9e1e0d0ee74c3dec41a0727199aa2ea9e7e40f3bdbe671d3006c75d43644b63a38e18a4f271d2b6c1bf33371f3074ffab648a
-
SSDEEP
24576:TIE5N3uQNiTN3VekMh9B9px/v3vnh4dmkaRI9JEe:TqQNiTN3aaJ9
Malware Config
Targets
-
-
Target
de291eca2a471887a85b0568cd25a13bc55df4f62412be9af57cf8b6e1007059
-
Size
832KB
-
MD5
5989e7e366fa54b10e3bcafc0837de80
-
SHA1
5c8ffa268d3f3facf4cc580b3e0dac401e706645
-
SHA256
de291eca2a471887a85b0568cd25a13bc55df4f62412be9af57cf8b6e1007059
-
SHA512
8906822bf94c15b00bc8efe9a3b9e1e0d0ee74c3dec41a0727199aa2ea9e7e40f3bdbe671d3006c75d43644b63a38e18a4f271d2b6c1bf33371f3074ffab648a
-
SSDEEP
24576:TIE5N3uQNiTN3VekMh9B9px/v3vnh4dmkaRI9JEe:TqQNiTN3aaJ9
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-