General
-
Target
645ee1785092b9e919a8edf076fc6fd6eb57b1a7296a578e8a20d79281598661
-
Size
901KB
-
Sample
241231-24gd8stqcw
-
MD5
2f830e249c310338d1a2fc647a6d7197
-
SHA1
9f35db9e47a234893ba422321f94c2e0dd32697c
-
SHA256
645ee1785092b9e919a8edf076fc6fd6eb57b1a7296a578e8a20d79281598661
-
SHA512
26165d0771c51cb8f2d8493629dc2c914ff5a94fac5d23cb2af8fd9fae1ed09eb0ef14221e6bb1304f11cf9678173c2599b4329720e627567315fe85d91bfcd7
-
SSDEEP
12288:m9T+DcQI1M8mmfdLyZYr3H7SicJFwuWGJ9NVJtF5Pgu3ZUZlL86Bd8:QCDcQslLOYKicJ6uJV5PFZUZh86g
Malware Config
Targets
-
-
Target
645ee1785092b9e919a8edf076fc6fd6eb57b1a7296a578e8a20d79281598661
-
Size
901KB
-
MD5
2f830e249c310338d1a2fc647a6d7197
-
SHA1
9f35db9e47a234893ba422321f94c2e0dd32697c
-
SHA256
645ee1785092b9e919a8edf076fc6fd6eb57b1a7296a578e8a20d79281598661
-
SHA512
26165d0771c51cb8f2d8493629dc2c914ff5a94fac5d23cb2af8fd9fae1ed09eb0ef14221e6bb1304f11cf9678173c2599b4329720e627567315fe85d91bfcd7
-
SSDEEP
12288:m9T+DcQI1M8mmfdLyZYr3H7SicJFwuWGJ9NVJtF5Pgu3ZUZlL86Bd8:QCDcQslLOYKicJ6uJV5PFZUZh86g
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-