General
-
Target
2b77ba6432246dc22ae07115b8944b11470920f30d4b8e1e421a351609700499
-
Size
230KB
-
Sample
241202-zcfyaa1ngy
-
MD5
35ae5712554b07254555a34f4fc456c5
-
SHA1
3be7f2f18ce572890097f42885c33122954980df
-
SHA256
2b77ba6432246dc22ae07115b8944b11470920f30d4b8e1e421a351609700499
-
SHA512
6360131a8e995c9f566bbe3455c5f0816df39595dffef4a56d0ed4e2679e78940e49ff24ea1e4a5d7c0f723103e00e0a1c3b084b88e47b8154bd04f13cca2c91
-
SSDEEP
3072:sr85C5xk+WI0opiKyD/IOSfS0GJKqNtmxmAPxhlQeOfjR2cVsr85C:k95xk7ooBo1G7wmApQeON2cVk9
Behavioral task
behavioral1
Sample
2b77ba6432246dc22ae07115b8944b11470920f30d4b8e1e421a351609700499.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2b77ba6432246dc22ae07115b8944b11470920f30d4b8e1e421a351609700499.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
2b77ba6432246dc22ae07115b8944b11470920f30d4b8e1e421a351609700499
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-