General
-
Target
5cef2046bc3df66fc61fee28bb5d13f16e217f42611344ff5b972c8ee9596694N.exe
-
Size
179KB
-
Sample
250102-nxbzaatkcm
-
MD5
9f6863ce93541987e2dfc48cd13184c0
-
SHA1
369b08e5f2f6b0ed1c75596053db97612c1873d8
-
SHA256
5cef2046bc3df66fc61fee28bb5d13f16e217f42611344ff5b972c8ee9596694
-
SHA512
55e9a6246fe75875fa3543b6474e603ae0511211391e6c23df54fea32075021961afe76c3d06f08b078e56e1d91b608e78600eafff4aada64e833e5a75e9a575
-
SSDEEP
3072:sr85C+qz77I0+R60u4dF7TsosehRc5IqZPery17MwNWuFg:k9+qY/PQ5IqZPf1BsuFg
Malware Config
Targets
-
-
Target
5cef2046bc3df66fc61fee28bb5d13f16e217f42611344ff5b972c8ee9596694N.exe
-
Size
179KB
-
MD5
9f6863ce93541987e2dfc48cd13184c0
-
SHA1
369b08e5f2f6b0ed1c75596053db97612c1873d8
-
SHA256
5cef2046bc3df66fc61fee28bb5d13f16e217f42611344ff5b972c8ee9596694
-
SHA512
55e9a6246fe75875fa3543b6474e603ae0511211391e6c23df54fea32075021961afe76c3d06f08b078e56e1d91b608e78600eafff4aada64e833e5a75e9a575
-
SSDEEP
3072:sr85C+qz77I0+R60u4dF7TsosehRc5IqZPery17MwNWuFg:k9+qY/PQ5IqZPf1BsuFg
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-