General
-
Target
e1ad125cede87e6b92f420a74215e66a39582dd3f7a0b65fba62cc3cbe10446f.exe
-
Size
641KB
-
Sample
250102-bqkavsxncq
-
MD5
735bbd02ae510ed650ac8528d1d33cf6
-
SHA1
a10add3ff14b9bf6171f46b333a79fce32091a75
-
SHA256
e1ad125cede87e6b92f420a74215e66a39582dd3f7a0b65fba62cc3cbe10446f
-
SHA512
d159bb9939e3f0ac1c0b3be1c145ab4dfe63a131beccbb13a69e315499cc242fc6c632b0ef87fd918df8c2f302ceb8c86e425d402690b5bd914513afc5c77d5c
-
SSDEEP
12288:RKtTpt1iWVEhEH0qGnTWl5RW8jgYb2wPCWQ1QQ7WYXGTHR:RKJ1XVEhEnkTQ3W8jgY6wPCfQQCYXGTx
Malware Config
Targets
-
-
Target
e1ad125cede87e6b92f420a74215e66a39582dd3f7a0b65fba62cc3cbe10446f.exe
-
Size
641KB
-
MD5
735bbd02ae510ed650ac8528d1d33cf6
-
SHA1
a10add3ff14b9bf6171f46b333a79fce32091a75
-
SHA256
e1ad125cede87e6b92f420a74215e66a39582dd3f7a0b65fba62cc3cbe10446f
-
SHA512
d159bb9939e3f0ac1c0b3be1c145ab4dfe63a131beccbb13a69e315499cc242fc6c632b0ef87fd918df8c2f302ceb8c86e425d402690b5bd914513afc5c77d5c
-
SSDEEP
12288:RKtTpt1iWVEhEH0qGnTWl5RW8jgYb2wPCWQ1QQ7WYXGTHR:RKJ1XVEhEnkTQ3W8jgY6wPCfQQCYXGTx
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-