General
-
Target
a8956fd36908a3b2f2cb831307b0b890e696debd7648843509bb7efc51ca9498N.exe
-
Size
234KB
-
Sample
241204-hcf5lswlb1
-
MD5
771bcc4a8c0ddb19f5c9bb73a6d8ed50
-
SHA1
dd755c635c3d0e4c49fdd9269ced66b3a0b7736a
-
SHA256
a8956fd36908a3b2f2cb831307b0b890e696debd7648843509bb7efc51ca9498
-
SHA512
6d2f4591e2ac1ce3826d4f5fa60a724641e4cf6e309670fd3e3bf829faa6730e6cda84dd4ffca0b52f5b5e5b2f3774bc0b50ce68cd5cdb7636ac84c9ede7a600
-
SSDEEP
1536:JxqjQ+P04wsmJCYHwReW9/YJR5lRv72O1U81cR:sr85CWC/YJTlljcR
Malware Config
Targets
-
-
Target
a8956fd36908a3b2f2cb831307b0b890e696debd7648843509bb7efc51ca9498N.exe
-
Size
234KB
-
MD5
771bcc4a8c0ddb19f5c9bb73a6d8ed50
-
SHA1
dd755c635c3d0e4c49fdd9269ced66b3a0b7736a
-
SHA256
a8956fd36908a3b2f2cb831307b0b890e696debd7648843509bb7efc51ca9498
-
SHA512
6d2f4591e2ac1ce3826d4f5fa60a724641e4cf6e309670fd3e3bf829faa6730e6cda84dd4ffca0b52f5b5e5b2f3774bc0b50ce68cd5cdb7636ac84c9ede7a600
-
SSDEEP
1536:JxqjQ+P04wsmJCYHwReW9/YJR5lRv72O1U81cR:sr85CWC/YJTlljcR
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-