General
-
Target
d74a8e9fa48fc698776ec7b91c8943d1777157e46d28c3cecef22ffd684d0e94
-
Size
1.4MB
-
Sample
241208-d5hrpavren
-
MD5
c10fdee7510e09d668471b4ad1366889
-
SHA1
bf80bd31e539a5b7137f8fa536bb15350c2ddd0a
-
SHA256
d74a8e9fa48fc698776ec7b91c8943d1777157e46d28c3cecef22ffd684d0e94
-
SHA512
1adf292b74623d650059a54692e70295d288371f776cc161c8a0e128b584004503fe51f9e8b5b303410d0992b0bc314a865ee3ac8b5368f2996dba67702d6972
-
SSDEEP
24576:/AyWuSwIbFLOmDk0jy3sydnErPSCTTk4W29/DS+BTZFnfEuSlWAT7ijF29lo/Qsy:/WuSwIbFLOAkGy3zdnErPSCTomFDS+BS
Malware Config
Targets
-
-
Target
d74a8e9fa48fc698776ec7b91c8943d1777157e46d28c3cecef22ffd684d0e94
-
Size
1.4MB
-
MD5
c10fdee7510e09d668471b4ad1366889
-
SHA1
bf80bd31e539a5b7137f8fa536bb15350c2ddd0a
-
SHA256
d74a8e9fa48fc698776ec7b91c8943d1777157e46d28c3cecef22ffd684d0e94
-
SHA512
1adf292b74623d650059a54692e70295d288371f776cc161c8a0e128b584004503fe51f9e8b5b303410d0992b0bc314a865ee3ac8b5368f2996dba67702d6972
-
SSDEEP
24576:/AyWuSwIbFLOmDk0jy3sydnErPSCTTk4W29/DS+BTZFnfEuSlWAT7ijF29lo/Qsy:/WuSwIbFLOAkGy3zdnErPSCTomFDS+BS
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-