General
-
Target
cdde2f4e8f7c1ada77dcb0629a36df0152b0cf010142bdea6d2e3e5e63fe639d
-
Size
95KB
-
Sample
250105-gpbj8avjbz
-
MD5
4e5d5046dc65767b059c6d2f8fb5b9f4
-
SHA1
1b7e3cae3599ae55ff8092ea92e7118d691df071
-
SHA256
cdde2f4e8f7c1ada77dcb0629a36df0152b0cf010142bdea6d2e3e5e63fe639d
-
SHA512
68b4d2f1b837b6e9211e146e7526ccd071a1f723577ee8f8fcf662d7a2aac94e4c81f8461f71aadb7bd32d3fad552903cebc4729215ea8ab3ca36419de7a6dd2
-
SSDEEP
1536:JxqjQ+P04wsmJClfSG7SlxFftcVDzTPe/zYs7KNWJ:sr85ClfSGGwLPGYfgJ
Malware Config
Targets
-
-
Target
cdde2f4e8f7c1ada77dcb0629a36df0152b0cf010142bdea6d2e3e5e63fe639d
-
Size
95KB
-
MD5
4e5d5046dc65767b059c6d2f8fb5b9f4
-
SHA1
1b7e3cae3599ae55ff8092ea92e7118d691df071
-
SHA256
cdde2f4e8f7c1ada77dcb0629a36df0152b0cf010142bdea6d2e3e5e63fe639d
-
SHA512
68b4d2f1b837b6e9211e146e7526ccd071a1f723577ee8f8fcf662d7a2aac94e4c81f8461f71aadb7bd32d3fad552903cebc4729215ea8ab3ca36419de7a6dd2
-
SSDEEP
1536:JxqjQ+P04wsmJClfSG7SlxFftcVDzTPe/zYs7KNWJ:sr85ClfSGGwLPGYfgJ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-