General
-
Target
fcaa6ffb2ec03bc41c60c4648549fd0cf3098992b495e23a72e7e12cdabd267d.exe
-
Size
356KB
-
Sample
241207-m5halavphq
-
MD5
54adcf4c9167b5946ba296f023b06db2
-
SHA1
4e71ce5a39d5a9bb772150592b61f8040693d811
-
SHA256
fcaa6ffb2ec03bc41c60c4648549fd0cf3098992b495e23a72e7e12cdabd267d
-
SHA512
3ee54c1411dfcb37911f31f29b65a023c0cbc7482ef3733a38dc0e996745228e9b6625c0769ceb4989cf2fda784325b1d6a38ed3a734451551528081b593d09d
-
SSDEEP
6144:k9NPDAWKklwXx39oBLohizkvxhlDqJd+9F:SsWPlwX2Lov5HqI
Malware Config
Targets
-
-
Target
fcaa6ffb2ec03bc41c60c4648549fd0cf3098992b495e23a72e7e12cdabd267d.exe
-
Size
356KB
-
MD5
54adcf4c9167b5946ba296f023b06db2
-
SHA1
4e71ce5a39d5a9bb772150592b61f8040693d811
-
SHA256
fcaa6ffb2ec03bc41c60c4648549fd0cf3098992b495e23a72e7e12cdabd267d
-
SHA512
3ee54c1411dfcb37911f31f29b65a023c0cbc7482ef3733a38dc0e996745228e9b6625c0769ceb4989cf2fda784325b1d6a38ed3a734451551528081b593d09d
-
SSDEEP
6144:k9NPDAWKklwXx39oBLohizkvxhlDqJd+9F:SsWPlwX2Lov5HqI
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-