General
-
Target
bd81342779380999de528ac8013678de06c44541e87c587182df3b84c9b0f096N.exe
-
Size
2.0MB
-
Sample
241210-14n9ea1rcs
-
MD5
f64963f2ff7f5439e35b1267b439c550
-
SHA1
d2faba1891c3991554b7b5e4ee9fa48a36def7b3
-
SHA256
bd81342779380999de528ac8013678de06c44541e87c587182df3b84c9b0f096
-
SHA512
d9fe36c797a4d1caeda903d254ff99555aab153f381d0f53af0660fddf7e2446c2140a49994df32469f74d114ca7e4327c6c1ec5e2f4aad7453d52f1120944ba
-
SSDEEP
49152:Dhxb/kOrTW+uUa0IJLipx8N2pD8W3O0pXEUWbeFdL4:DhF/kYWUa7JO/8Nu8kRGAdL4
Behavioral task
behavioral1
Sample
bd81342779380999de528ac8013678de06c44541e87c587182df3b84c9b0f096N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-