General
-
Target
4a7b27fdc9414ef3ad71c40a3874b05a42b76048dc025f52ab161da542e3ea06.exe
-
Size
3.0MB
-
Sample
241204-fed2xssngs
-
MD5
43e05292622d4632d050a71bca603d67
-
SHA1
154563d7469ac6fbd6d1996cdd2982cb9927d470
-
SHA256
4a7b27fdc9414ef3ad71c40a3874b05a42b76048dc025f52ab161da542e3ea06
-
SHA512
a41271d8570f01fa785b95a43486d560e5f8d3330fd2c3b06c7c25428bd3ac9721022bcc64a7080d16a32063cc9eb85b3ffa9f55331078495d79dac06a784a99
-
SSDEEP
49152:DBzyOBfJXAiXyeU5LsNi1fvlOUFm3hVChe/yB9cDt/NUOVKH3WQGMtE8qmbzy4J5:DBzyOBfKig5LsN81TyQh2yELUO0F+8P/
Behavioral task
behavioral1
Sample
4a7b27fdc9414ef3ad71c40a3874b05a42b76048dc025f52ab161da542e3ea06.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4a7b27fdc9414ef3ad71c40a3874b05a42b76048dc025f52ab161da542e3ea06.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4a7b27fdc9414ef3ad71c40a3874b05a42b76048dc025f52ab161da542e3ea06.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-