General
-
Target
8d366c89609ca05337827e7c1800f1c45383e3674be6c1740822f0b2d6c93181N.exe
-
Size
854KB
-
Sample
241201-xm2avstkgj
-
MD5
92f8c876530ddb8a21a4bd1f655fc0f0
-
SHA1
d8740211d01836f76aad705102a99d80dffdcb09
-
SHA256
8d366c89609ca05337827e7c1800f1c45383e3674be6c1740822f0b2d6c93181
-
SHA512
6464f41e51bcdbed4e1cc7565a326cf318ab675405f83a2dd4800cbb0a711b9bf0933c95d43ed38d71d2599b914c74e19245264c87034f63c40f8dd3500b7682
-
SSDEEP
12288:JMZ7nce3PUtUsF+pmMbWyYG464IN34DNRvjsnvjoC++DGN0kgm5+Rz6F:2RXcfF+pSeNeLvjsvjY+DGN0kgm5lF
Malware Config
Targets
-
-
Target
8d366c89609ca05337827e7c1800f1c45383e3674be6c1740822f0b2d6c93181N.exe
-
Size
854KB
-
MD5
92f8c876530ddb8a21a4bd1f655fc0f0
-
SHA1
d8740211d01836f76aad705102a99d80dffdcb09
-
SHA256
8d366c89609ca05337827e7c1800f1c45383e3674be6c1740822f0b2d6c93181
-
SHA512
6464f41e51bcdbed4e1cc7565a326cf318ab675405f83a2dd4800cbb0a711b9bf0933c95d43ed38d71d2599b914c74e19245264c87034f63c40f8dd3500b7682
-
SSDEEP
12288:JMZ7nce3PUtUsF+pmMbWyYG464IN34DNRvjsnvjoC++DGN0kgm5+Rz6F:2RXcfF+pSeNeLvjsvjY+DGN0kgm5lF
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-