General
-
Target
52665b0611f205c1548a04272f8996b2c73b265cb24047a2446339c94fb259d5N.exe
-
Size
2.5MB
-
Sample
250102-kgp97atmbw
-
MD5
44a39d17d5f26892e457e63eb4c06c40
-
SHA1
9f505c4807d70aebdeab79b2b58d9f8ffbbf9781
-
SHA256
52665b0611f205c1548a04272f8996b2c73b265cb24047a2446339c94fb259d5
-
SHA512
704b855d189df19847f196eb59497c376c9da006d6eca9810b1bc5aab21d719bf9bdb8ce61cca716f56d64cd201041903f4f4ef8071ea27f098156d6f2108cdd
-
SSDEEP
12288:mb286MLapMyGZUl2ce3GdNd+JXxOgrTEFX/1pbcLgJM:mb286smIZ6Bnd+Rx1TEFXfbcLaM
Malware Config
Targets
-
-
Target
52665b0611f205c1548a04272f8996b2c73b265cb24047a2446339c94fb259d5N.exe
-
Size
2.5MB
-
MD5
44a39d17d5f26892e457e63eb4c06c40
-
SHA1
9f505c4807d70aebdeab79b2b58d9f8ffbbf9781
-
SHA256
52665b0611f205c1548a04272f8996b2c73b265cb24047a2446339c94fb259d5
-
SHA512
704b855d189df19847f196eb59497c376c9da006d6eca9810b1bc5aab21d719bf9bdb8ce61cca716f56d64cd201041903f4f4ef8071ea27f098156d6f2108cdd
-
SSDEEP
12288:mb286MLapMyGZUl2ce3GdNd+JXxOgrTEFX/1pbcLgJM:mb286smIZ6Bnd+Rx1TEFXfbcLaM
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-