General
-
Target
2025-01-08_82c953cbde3b43dd03fecfbf1fda428b_hijackloader_lockergoga_luca-stealer_neshta
-
Size
1.5MB
-
Sample
250108-b9n36aynct
-
MD5
82c953cbde3b43dd03fecfbf1fda428b
-
SHA1
6a31fc1d135a7e3e3433493d96100e3ecf543eea
-
SHA256
5464756b447a3fab196c9c6705ba94abaf8bf33efee52c3c13b5e919a620368b
-
SHA512
d1cfb44713e968f9183443ecbeb5236343ff2905b9d62b6270ecbc0dd588b8ad0425cb7d2ece19694f83bb50ea623ee50b99b9b29a3519ed85e0b0d73827f452
-
SSDEEP
49152:OaKHn5T/62xKoB3zFV0QopXzgN08he2naPSuu4J:XKHnV/LFVzopuAJ
Malware Config
Targets
-
-
Target
2025-01-08_82c953cbde3b43dd03fecfbf1fda428b_hijackloader_lockergoga_luca-stealer_neshta
-
Size
1.5MB
-
MD5
82c953cbde3b43dd03fecfbf1fda428b
-
SHA1
6a31fc1d135a7e3e3433493d96100e3ecf543eea
-
SHA256
5464756b447a3fab196c9c6705ba94abaf8bf33efee52c3c13b5e919a620368b
-
SHA512
d1cfb44713e968f9183443ecbeb5236343ff2905b9d62b6270ecbc0dd588b8ad0425cb7d2ece19694f83bb50ea623ee50b99b9b29a3519ed85e0b0d73827f452
-
SSDEEP
49152:OaKHn5T/62xKoB3zFV0QopXzgN08he2naPSuu4J:XKHnV/LFVzopuAJ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-