General
-
Target
1d461e552d8bc8b719cfb0569f1193856e1511ded413cdcb481a5c13dd07ca16N.exe
-
Size
641KB
-
Sample
250101-3trb5atlcq
-
MD5
c12f6647cff7f189e426fa4a3688e660
-
SHA1
e5f9dec420b012747ca4f7653d43d0fa32da1713
-
SHA256
1d461e552d8bc8b719cfb0569f1193856e1511ded413cdcb481a5c13dd07ca16
-
SHA512
81a3a660fded4d9e2ee93ca89b92cf91da45dbfb581c60426d3af4a0b57c9cb3e7cf4c3ebfd8e13e0facea4fb44ea644ccd50afe942350c5a54ad8b1d2d84bb9
-
SSDEEP
12288:RKtTpt1iWVEhEH0qGnTWl5RW8jgYb2wPCWQ1QQ7WYXGTHB:RKJ1XVEhEnkTQ3W8jgY6wPCfQQCYXGTh
Malware Config
Targets
-
-
Target
1d461e552d8bc8b719cfb0569f1193856e1511ded413cdcb481a5c13dd07ca16N.exe
-
Size
641KB
-
MD5
c12f6647cff7f189e426fa4a3688e660
-
SHA1
e5f9dec420b012747ca4f7653d43d0fa32da1713
-
SHA256
1d461e552d8bc8b719cfb0569f1193856e1511ded413cdcb481a5c13dd07ca16
-
SHA512
81a3a660fded4d9e2ee93ca89b92cf91da45dbfb581c60426d3af4a0b57c9cb3e7cf4c3ebfd8e13e0facea4fb44ea644ccd50afe942350c5a54ad8b1d2d84bb9
-
SSDEEP
12288:RKtTpt1iWVEhEH0qGnTWl5RW8jgYb2wPCWQ1QQ7WYXGTHB:RKJ1XVEhEnkTQ3W8jgY6wPCfQQCYXGTh
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-