General
-
Target
69799fbe48630bc927977662b0763d32c5c0d085107c0963b90d14f640385013.exe
-
Size
410KB
-
Sample
241211-mvsnkstnfj
-
MD5
146c5f79ec824c32a5a4984cc42ca071
-
SHA1
ed1ba2a2e71c9418b424b481873660b9ebbfd64e
-
SHA256
69799fbe48630bc927977662b0763d32c5c0d085107c0963b90d14f640385013
-
SHA512
0fa1aa25249684881442935bec25e47c6d4502991857f9155f67e2ee686d0af2ea20864bfb3c1ba9a054c2da053e5c6130420a66e31319b9d8d46bc3378bc0ec
-
SSDEEP
3072:sr85CuPDzJM5JZz/+G4C/GsGTsJFOAKR8zFRjAYAg0FucITEKLkJNGnaTGVyN4W7:k9k+JN/+03ssJFOAAOgKLkJNxT/Mnmas
Malware Config
Targets
-
-
Target
69799fbe48630bc927977662b0763d32c5c0d085107c0963b90d14f640385013.exe
-
Size
410KB
-
MD5
146c5f79ec824c32a5a4984cc42ca071
-
SHA1
ed1ba2a2e71c9418b424b481873660b9ebbfd64e
-
SHA256
69799fbe48630bc927977662b0763d32c5c0d085107c0963b90d14f640385013
-
SHA512
0fa1aa25249684881442935bec25e47c6d4502991857f9155f67e2ee686d0af2ea20864bfb3c1ba9a054c2da053e5c6130420a66e31319b9d8d46bc3378bc0ec
-
SSDEEP
3072:sr85CuPDzJM5JZz/+G4C/GsGTsJFOAKR8zFRjAYAg0FucITEKLkJNGnaTGVyN4W7:k9k+JN/+03ssJFOAAOgKLkJNxT/Mnmas
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-