General
-
Target
aa64f153ec6309c391e5b14ab4d4e809b4b7afa7b74644a32c63727bb28ebae6N.exe
-
Size
3.1MB
-
Sample
241211-b3dzlszjgw
-
MD5
f18df16bc1efa216e2e2f4e0988f6fd0
-
SHA1
28a4a38d5133f7adebe78e2af4fb2f786e55a5e4
-
SHA256
aa64f153ec6309c391e5b14ab4d4e809b4b7afa7b74644a32c63727bb28ebae6
-
SHA512
af6f867bcf41393fbb17b4245c7306f416305be20eda5dfd8e4c61a9aff99746b4d38f66adae909d8397b912a50b4c4dae473b34102ba77305bb4177f673307c
-
SSDEEP
49152:HsO/CXZZZZZZZZZZZZZZNz/MrHJ+5fFKL/A7Xb3P1nQsveZWujtFLaJS4BXxqrYE:dCN/fsLOXbf1nQ0qLeenm+J
Malware Config
Targets
-
-
Target
aa64f153ec6309c391e5b14ab4d4e809b4b7afa7b74644a32c63727bb28ebae6N.exe
-
Size
3.1MB
-
MD5
f18df16bc1efa216e2e2f4e0988f6fd0
-
SHA1
28a4a38d5133f7adebe78e2af4fb2f786e55a5e4
-
SHA256
aa64f153ec6309c391e5b14ab4d4e809b4b7afa7b74644a32c63727bb28ebae6
-
SHA512
af6f867bcf41393fbb17b4245c7306f416305be20eda5dfd8e4c61a9aff99746b4d38f66adae909d8397b912a50b4c4dae473b34102ba77305bb4177f673307c
-
SSDEEP
49152:HsO/CXZZZZZZZZZZZZZZNz/MrHJ+5fFKL/A7Xb3P1nQsveZWujtFLaJS4BXxqrYE:dCN/fsLOXbf1nQ0qLeenm+J
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-