General
-
Target
b541c12db9aea2855e23f3b7152a7b5d6536934e9758c16e632337225e5a7a5d
-
Size
84KB
-
Sample
250105-feptestren
-
MD5
059ef7cd32a9c16ad169f9c5301a123f
-
SHA1
4fc79c2e830fdd4a8d9fea4d981f044c3403e70f
-
SHA256
b541c12db9aea2855e23f3b7152a7b5d6536934e9758c16e632337225e5a7a5d
-
SHA512
e4206f10bf805302ffe85bb8eef4be2cec28741278909b7a8199a5f72df24b8d96d7daf72015d44dee5e367158cec79ac981411950d940ffadfea8103542e421
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJYEapI1/JSSojzmvjR3PcXNiqboxe1W0:JxqjQ+P04wsmJCDKUSXO4WNkFH/7S4xO
Malware Config
Targets
-
-
Target
b541c12db9aea2855e23f3b7152a7b5d6536934e9758c16e632337225e5a7a5d
-
Size
84KB
-
MD5
059ef7cd32a9c16ad169f9c5301a123f
-
SHA1
4fc79c2e830fdd4a8d9fea4d981f044c3403e70f
-
SHA256
b541c12db9aea2855e23f3b7152a7b5d6536934e9758c16e632337225e5a7a5d
-
SHA512
e4206f10bf805302ffe85bb8eef4be2cec28741278909b7a8199a5f72df24b8d96d7daf72015d44dee5e367158cec79ac981411950d940ffadfea8103542e421
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJYEapI1/JSSojzmvjR3PcXNiqboxe1W0:JxqjQ+P04wsmJCDKUSXO4WNkFH/7S4xO
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-