General
-
Target
1d5d381af9eb15a1708bd79bfe22f1265f997a87a6668537e94f147ded2c604dN.exe
-
Size
2.4MB
-
Sample
250102-n79nas1mcv
-
MD5
a6e7dd0d0350bd2319ace1c8c10a3a30
-
SHA1
c49db3fcfb1c9b2566039bf90b82d5782f35e160
-
SHA256
1d5d381af9eb15a1708bd79bfe22f1265f997a87a6668537e94f147ded2c604d
-
SHA512
85df72cc49013f34233d38eea98a89fa06257451ae1649c4a6716c3a6c06bac7d93d82d051cc0fd9142f2fcaa87b3a8c8db8e40ad191fd652f56f8ebc77062fe
-
SSDEEP
49152:olgH6mwi1B8K50hGW9e0dC/VEBqH9nuzybDDz6O3o:Gmbdnun1
Behavioral task
behavioral1
Sample
1d5d381af9eb15a1708bd79bfe22f1265f997a87a6668537e94f147ded2c604dN.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
1d5d381af9eb15a1708bd79bfe22f1265f997a87a6668537e94f147ded2c604dN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
1d5d381af9eb15a1708bd79bfe22f1265f997a87a6668537e94f147ded2c604dN.exe
Score 10/10
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-