General
-
Target
8909f90305a5e4a1ca582f02a0f97d46ffeb30f9a147f01ffead4e9bcf010c25N.exe
-
Size
3.3MB
-
Sample
250101-swclmssqgm
-
MD5
9598bfed8b36c32a68d0b3328ab71470
-
SHA1
c556649d7ea8c8ca6a7af1df936a0b55bd5c76de
-
SHA256
8909f90305a5e4a1ca582f02a0f97d46ffeb30f9a147f01ffead4e9bcf010c25
-
SHA512
b1a1b3ae5917b764f6959478da609d45c4ae3a0df6e3a2304f1d7d44872bd93b62a60dc658e7603e94cdb066a8da839af69207881ba08e4837d46817bad87275
-
SSDEEP
24576:WCjxCqNmTBmrDf7I8km0q0WAsci5VRNGaeWXIPufkx8qXgW8fC3fRsI7Nl:9bIe5VRJRIWfb+gWgCv37Nl
Behavioral task
behavioral1
Sample
8909f90305a5e4a1ca582f02a0f97d46ffeb30f9a147f01ffead4e9bcf010c25N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8909f90305a5e4a1ca582f02a0f97d46ffeb30f9a147f01ffead4e9bcf010c25N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-