General
-
Target
d412e05378594d1a648173af75aa10fcb0a0bc9fc06ce07cfa503d18d2e30d9eN.exe
-
Size
179KB
-
Sample
241218-j2brvsskcm
-
MD5
5c946c2ed90d7736b049205a3a008ad0
-
SHA1
62e6284ee06845bfc0524f5b106e81bf67541580
-
SHA256
d412e05378594d1a648173af75aa10fcb0a0bc9fc06ce07cfa503d18d2e30d9e
-
SHA512
c9eb5943f1e85a3e4a4ae3c4e34613e8a04494fd4676cfae2d2abfc93f7e517e89cc586bb91ec8dc3eca81b425afbd6ed1986657f5e3c38df86bc1e8d1cfcd5a
-
SSDEEP
3072:sr85Cvf6PZZCcGfW9Kx/D6PZOsjBKoML0dBAxofdrG73ojnO7ej6TNuZ1PWOmd3L:k9vtcWxzsjBKoML0dBAxofdrG73ojnOv
Malware Config
Targets
-
-
Target
d412e05378594d1a648173af75aa10fcb0a0bc9fc06ce07cfa503d18d2e30d9eN.exe
-
Size
179KB
-
MD5
5c946c2ed90d7736b049205a3a008ad0
-
SHA1
62e6284ee06845bfc0524f5b106e81bf67541580
-
SHA256
d412e05378594d1a648173af75aa10fcb0a0bc9fc06ce07cfa503d18d2e30d9e
-
SHA512
c9eb5943f1e85a3e4a4ae3c4e34613e8a04494fd4676cfae2d2abfc93f7e517e89cc586bb91ec8dc3eca81b425afbd6ed1986657f5e3c38df86bc1e8d1cfcd5a
-
SSDEEP
3072:sr85Cvf6PZZCcGfW9Kx/D6PZOsjBKoML0dBAxofdrG73ojnO7ej6TNuZ1PWOmd3L:k9vtcWxzsjBKoML0dBAxofdrG73ojnOv
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-