General
-
Target
f236cb897de32dc17895d4166f2c09d096b36d0ef62b77b637d6f2d92a692978.exe
-
Size
605KB
-
Sample
241205-g1q42sskgv
-
MD5
8569e0615cff7d6516c93f3cdc0c7db8
-
SHA1
6689c298c88b4caa31e6761c36c3d5eb73944099
-
SHA256
f236cb897de32dc17895d4166f2c09d096b36d0ef62b77b637d6f2d92a692978
-
SHA512
14eac19464ada44ddd6e1af1b103ae9f55397a9416dd9ceb39b6f58915ab848cbc8b31129b572974f849ab18456aab3f22b50d711cef3464a322987436fd9914
-
SSDEEP
12288:/+ihGVHbS0R5kuu+wegJDEVTnTssg8lD8:JqHbn3lVn9R8
Malware Config
Targets
-
-
Target
f236cb897de32dc17895d4166f2c09d096b36d0ef62b77b637d6f2d92a692978.exe
-
Size
605KB
-
MD5
8569e0615cff7d6516c93f3cdc0c7db8
-
SHA1
6689c298c88b4caa31e6761c36c3d5eb73944099
-
SHA256
f236cb897de32dc17895d4166f2c09d096b36d0ef62b77b637d6f2d92a692978
-
SHA512
14eac19464ada44ddd6e1af1b103ae9f55397a9416dd9ceb39b6f58915ab848cbc8b31129b572974f849ab18456aab3f22b50d711cef3464a322987436fd9914
-
SSDEEP
12288:/+ihGVHbS0R5kuu+wegJDEVTnTssg8lD8:JqHbn3lVn9R8
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-