General
-
Target
e4c6efc7e6ee60499b7e957f5fe8c427a9640214291a20e0f10461e22f58f67d.exe
-
Size
40KB
-
Sample
241231-rl7hlawpgp
-
MD5
e6205f6b62f10a164c6b511eac8763bf
-
SHA1
e2e8b06bfcd75d42ebd3e03715a5b5ad2abbb10c
-
SHA256
e4c6efc7e6ee60499b7e957f5fe8c427a9640214291a20e0f10461e22f58f67d
-
SHA512
91ff2d99385d51ff7733865a07e0764d14ade30edc2e3193ba2292d8e614b2bad635e8f5015fc4f0dd609bc788a8355adc2d30083eff7d4446c1637ff1fd22a5
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJU:JxqjQ+P04wsmJCH
Malware Config
Targets
-
-
Target
e4c6efc7e6ee60499b7e957f5fe8c427a9640214291a20e0f10461e22f58f67d.exe
-
Size
40KB
-
MD5
e6205f6b62f10a164c6b511eac8763bf
-
SHA1
e2e8b06bfcd75d42ebd3e03715a5b5ad2abbb10c
-
SHA256
e4c6efc7e6ee60499b7e957f5fe8c427a9640214291a20e0f10461e22f58f67d
-
SHA512
91ff2d99385d51ff7733865a07e0764d14ade30edc2e3193ba2292d8e614b2bad635e8f5015fc4f0dd609bc788a8355adc2d30083eff7d4446c1637ff1fd22a5
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJU:JxqjQ+P04wsmJCH
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-