General
-
Target
940d41d85be555a21bed65da3303c2643b786b56bd1d14e38389d84a7a421f89N.exe
-
Size
1.2MB
-
Sample
241219-kdzpfswrhz
-
MD5
e334d495cd9019213ee6ca65d6d3ee90
-
SHA1
2e9a32ff93a4b58bdea73396e6923a82e500c7a9
-
SHA256
940d41d85be555a21bed65da3303c2643b786b56bd1d14e38389d84a7a421f89
-
SHA512
bff43ce131b3ea84bcbf7a227b77de4f889e7a71b3b55da1fc6efd45368d1f396e0467354fa5eb3983bebaeef1d40b856b24228e8014eadceb2ab59ef8058817
-
SSDEEP
12288:QPgDWFlgackSxvJaSkSxvJaKvJaqGu1uQFmKIIXfb8h:QID7aVMBavMBaKBaqd8QFfvE
Malware Config
Targets
-
-
Target
940d41d85be555a21bed65da3303c2643b786b56bd1d14e38389d84a7a421f89N.exe
-
Size
1.2MB
-
MD5
e334d495cd9019213ee6ca65d6d3ee90
-
SHA1
2e9a32ff93a4b58bdea73396e6923a82e500c7a9
-
SHA256
940d41d85be555a21bed65da3303c2643b786b56bd1d14e38389d84a7a421f89
-
SHA512
bff43ce131b3ea84bcbf7a227b77de4f889e7a71b3b55da1fc6efd45368d1f396e0467354fa5eb3983bebaeef1d40b856b24228e8014eadceb2ab59ef8058817
-
SSDEEP
12288:QPgDWFlgackSxvJaSkSxvJaKvJaqGu1uQFmKIIXfb8h:QID7aVMBavMBaKBaqd8QFfvE
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-