General
-
Target
9c6d949b8b935d622963398946c80f6e3d89bd83d2e3294c43020bbf5e352b72N.exe
-
Size
3.7MB
-
Sample
241218-hl3d7syrcm
-
MD5
ff2343b5b27b8fa355ff654ab2195230
-
SHA1
4d72bbe94332088c68cb474d2011830d373f4512
-
SHA256
9c6d949b8b935d622963398946c80f6e3d89bd83d2e3294c43020bbf5e352b72
-
SHA512
5fd7f9d62f29c427e6a5a48ffcc43318789cfdf8d44a54ade2304847769ce6b493e772cfe599e30fe561b5455be12e29b21ac81e4640708da21980aaa909bb33
-
SSDEEP
49152:8G71e1Fst+Weyfh6Qof06bhPiZkbESA6szlIMH9Q/f1xW1H3:uSCQubESA6sz+o
Malware Config
Targets
-
-
Target
9c6d949b8b935d622963398946c80f6e3d89bd83d2e3294c43020bbf5e352b72N.exe
-
Size
3.7MB
-
MD5
ff2343b5b27b8fa355ff654ab2195230
-
SHA1
4d72bbe94332088c68cb474d2011830d373f4512
-
SHA256
9c6d949b8b935d622963398946c80f6e3d89bd83d2e3294c43020bbf5e352b72
-
SHA512
5fd7f9d62f29c427e6a5a48ffcc43318789cfdf8d44a54ade2304847769ce6b493e772cfe599e30fe561b5455be12e29b21ac81e4640708da21980aaa909bb33
-
SSDEEP
49152:8G71e1Fst+Weyfh6Qof06bhPiZkbESA6szlIMH9Q/f1xW1H3:uSCQubESA6sz+o
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-