General
-
Target
36d2969abb131f2f04fa9d72ccda9e375ec0e2679afa65612d621cad612253d2.exe
-
Size
2.6MB
-
Sample
241219-ccenws1rb1
-
MD5
eaf604d327bea7660e7cce3254163a8c
-
SHA1
b5b9d478400339f5c024c25d71fd53c6ccb3ce93
-
SHA256
36d2969abb131f2f04fa9d72ccda9e375ec0e2679afa65612d621cad612253d2
-
SHA512
e8bd3b50d184a4cae90594b85e36c25e4547b0cbe2280c3ff42dacfc966d8be3bdce5345f6636261f58bf6122912c96ee163495062f2f985bf63de0ec8cd80df
-
SSDEEP
49152:cRZy7dZ/YrBCPuzhj8qI65S4kIlPpZfNi:wr/dkp4P8
Malware Config
Targets
-
-
Target
36d2969abb131f2f04fa9d72ccda9e375ec0e2679afa65612d621cad612253d2.exe
-
Size
2.6MB
-
MD5
eaf604d327bea7660e7cce3254163a8c
-
SHA1
b5b9d478400339f5c024c25d71fd53c6ccb3ce93
-
SHA256
36d2969abb131f2f04fa9d72ccda9e375ec0e2679afa65612d621cad612253d2
-
SHA512
e8bd3b50d184a4cae90594b85e36c25e4547b0cbe2280c3ff42dacfc966d8be3bdce5345f6636261f58bf6122912c96ee163495062f2f985bf63de0ec8cd80df
-
SSDEEP
49152:cRZy7dZ/YrBCPuzhj8qI65S4kIlPpZfNi:wr/dkp4P8
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-