General
-
Target
0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977
-
Size
1.8MB
-
Sample
241217-ydbvaawjax
-
MD5
938aed087a343f6177ffe5f8ba3944a3
-
SHA1
660715046a506d3995cd87c9f5628c3db029f06b
-
SHA256
0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977
-
SHA512
354bd6f1a1ce8f73d815b891a10887a204c897ddbd0e98699e0323cde38a8aa96a82804064679503502b6ee3609765530ea10eb4bb103403954ecf407b1c3df3
-
SSDEEP
49152:uWwO7RVi/cnQD2OOJOhFhKONotW6mTZTeklSgCGYnnC3I7:uWh7Li/WyvhcgT8goC3S
Malware Config
Targets
-
-
Target
0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977
-
Size
1.8MB
-
MD5
938aed087a343f6177ffe5f8ba3944a3
-
SHA1
660715046a506d3995cd87c9f5628c3db029f06b
-
SHA256
0bc4582e37190473b593fe74522771575932ae9dbbaf8ece0efe93b8baf9a977
-
SHA512
354bd6f1a1ce8f73d815b891a10887a204c897ddbd0e98699e0323cde38a8aa96a82804064679503502b6ee3609765530ea10eb4bb103403954ecf407b1c3df3
-
SSDEEP
49152:uWwO7RVi/cnQD2OOJOhFhKONotW6mTZTeklSgCGYnnC3I7:uWh7Li/WyvhcgT8goC3S
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-