General
-
Target
ad8d5d2fb59048ff51da69e5032f0e4ee1ccc7b4286e297404f6d9c3f394ae36N.exe
-
Size
1.3MB
-
Sample
241230-24mk9asrgj
-
MD5
80ccb6d5a58bb63d6ac9e67f1f39ab70
-
SHA1
ab6d8cf464299b84bfe39ec91a3b34cb34030d25
-
SHA256
ad8d5d2fb59048ff51da69e5032f0e4ee1ccc7b4286e297404f6d9c3f394ae36
-
SHA512
f755e1bfaf6ce496edd416824c6edc7c9b8d33b7fb4863865d355d8ba98f149b471a829a0f801ea8be8aeb2a37717ee725111f82871cccb99c3c0abb30510af6
-
SSDEEP
24576:wR9xKUvRKUTR/+fEGRhKwH8uWjxYO5nbYI:E9xJvR/R/+fjRhKaix/nbH
Malware Config
Targets
-
-
Target
ad8d5d2fb59048ff51da69e5032f0e4ee1ccc7b4286e297404f6d9c3f394ae36N.exe
-
Size
1.3MB
-
MD5
80ccb6d5a58bb63d6ac9e67f1f39ab70
-
SHA1
ab6d8cf464299b84bfe39ec91a3b34cb34030d25
-
SHA256
ad8d5d2fb59048ff51da69e5032f0e4ee1ccc7b4286e297404f6d9c3f394ae36
-
SHA512
f755e1bfaf6ce496edd416824c6edc7c9b8d33b7fb4863865d355d8ba98f149b471a829a0f801ea8be8aeb2a37717ee725111f82871cccb99c3c0abb30510af6
-
SSDEEP
24576:wR9xKUvRKUTR/+fEGRhKwH8uWjxYO5nbYI:E9xJvR/R/+fjRhKaix/nbH
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-