General
-
Target
5b22885aa0b352683fcc4c2d27a58bca4c8f229de1d2d36cf419cb625985f060N.exe
-
Size
1.5MB
-
Sample
250101-qtrlnswnez
-
MD5
18fc193b873fe0b1bec71f9adb81b980
-
SHA1
22e26e736643fde32ce7afa3c60af3c4bec9e9fe
-
SHA256
5b22885aa0b352683fcc4c2d27a58bca4c8f229de1d2d36cf419cb625985f060
-
SHA512
b2ab211ccf0f000e3467aae352a70cb2025226efb091f0f87761857b1e1432026895207d1473d2f6c152fb8364e7d8d775698d20c21917884fde3300478eb7aa
-
SSDEEP
24576:Z7f/qIBpJA8uyQh8ce3N1BaSD7hVDaV+nmMUhlHSIN68sqBzc+Fj:99RTkSrDyImlHSIN68sqlc+Fj
Behavioral task
behavioral1
Sample
5b22885aa0b352683fcc4c2d27a58bca4c8f229de1d2d36cf419cb625985f060N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5b22885aa0b352683fcc4c2d27a58bca4c8f229de1d2d36cf419cb625985f060N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
5b22885aa0b352683fcc4c2d27a58bca4c8f229de1d2d36cf419cb625985f060N.exe
Score 10/10
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-