General
-
Target
dab95eaea0da1cf34babe3f3f485d8a8c29d6d786d2f91e825cf5abaf8383755.exe
-
Size
86KB
-
Sample
241211-nwmz6a1mey
-
MD5
cd6e89ee8f4350cbc2655685713a7078
-
SHA1
df08d8b87836d47df76e6f9df29de201df50fe39
-
SHA256
dab95eaea0da1cf34babe3f3f485d8a8c29d6d786d2f91e825cf5abaf8383755
-
SHA512
9e60c07b6a14339c20ca976eae9a019b5006488d8bc204b8d3999c854db7d41024f2499b1ddd95d3b47d6485b00f59cdc9d3f0f386f7766056233a9c0b49f205
-
SSDEEP
1536:JxqjQ+P04wsmJCT9ghq+p1SbM7rgOJKF6rq:sr85CT8nIsrgOW6rq
Malware Config
Targets
-
-
Target
dab95eaea0da1cf34babe3f3f485d8a8c29d6d786d2f91e825cf5abaf8383755.exe
-
Size
86KB
-
MD5
cd6e89ee8f4350cbc2655685713a7078
-
SHA1
df08d8b87836d47df76e6f9df29de201df50fe39
-
SHA256
dab95eaea0da1cf34babe3f3f485d8a8c29d6d786d2f91e825cf5abaf8383755
-
SHA512
9e60c07b6a14339c20ca976eae9a019b5006488d8bc204b8d3999c854db7d41024f2499b1ddd95d3b47d6485b00f59cdc9d3f0f386f7766056233a9c0b49f205
-
SSDEEP
1536:JxqjQ+P04wsmJCT9ghq+p1SbM7rgOJKF6rq:sr85CT8nIsrgOW6rq
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-