General
-
Target
5e46e625f028491aab65f1af9667e9f2fc7f6219e42a273ea516f4c67eaa8d47N.exe
-
Size
3.3MB
-
Sample
241205-bs8fga1lhy
-
MD5
7a8e48e68baf8e4989d1ea30772b3870
-
SHA1
cd0f035d22dcb67153d81dcbcfb23c3865a921e7
-
SHA256
5e46e625f028491aab65f1af9667e9f2fc7f6219e42a273ea516f4c67eaa8d47
-
SHA512
e6612d76722920434d5cb36fb6564353c9f817817a635fd381fca678146bd3d5ba1c2bb41bbb406552398da90b64f8e35c8a8f36ddc0d849e23a94e7946cb74d
-
SSDEEP
98304:j55sxEvfDild7Cp2xtx4DU0psrKmQ8NAf5vZecpH/UIhkt:7sxEvfDild7Cp2xtx4DU0psrKmQ8NAf8
Malware Config
Targets
-
-
Target
5e46e625f028491aab65f1af9667e9f2fc7f6219e42a273ea516f4c67eaa8d47N.exe
-
Size
3.3MB
-
MD5
7a8e48e68baf8e4989d1ea30772b3870
-
SHA1
cd0f035d22dcb67153d81dcbcfb23c3865a921e7
-
SHA256
5e46e625f028491aab65f1af9667e9f2fc7f6219e42a273ea516f4c67eaa8d47
-
SHA512
e6612d76722920434d5cb36fb6564353c9f817817a635fd381fca678146bd3d5ba1c2bb41bbb406552398da90b64f8e35c8a8f36ddc0d849e23a94e7946cb74d
-
SSDEEP
98304:j55sxEvfDild7Cp2xtx4DU0psrKmQ8NAf5vZecpH/UIhkt:7sxEvfDild7Cp2xtx4DU0psrKmQ8NAf8
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-