General
-
Target
2dc10c8af8906815691dbaed09286d0fd3460e6bb391e0d24f0c2df30d5c6c31.exe
-
Size
2.4MB
-
Sample
250113-ts7s2s1jcr
-
MD5
1ac8b4759fdc6a98e283e19f72383ba8
-
SHA1
78f8bf8e46d35cd2c63a7f9b762aca0a429a314c
-
SHA256
2dc10c8af8906815691dbaed09286d0fd3460e6bb391e0d24f0c2df30d5c6c31
-
SHA512
49c43d99ee80c388a1d3514263372dcc83de772a19da3e3346a8c650ec58493427ade1e76a843ec17b06b749277d281fd69f1e07d9eb091d62cc5e348ab771b8
-
SSDEEP
49152:MWrWY5dcJP1K+miVsQBg6zGVV1BCjBEYgIrjYu:zrosSG8jP
Malware Config
Targets
-
-
Target
2dc10c8af8906815691dbaed09286d0fd3460e6bb391e0d24f0c2df30d5c6c31.exe
-
Size
2.4MB
-
MD5
1ac8b4759fdc6a98e283e19f72383ba8
-
SHA1
78f8bf8e46d35cd2c63a7f9b762aca0a429a314c
-
SHA256
2dc10c8af8906815691dbaed09286d0fd3460e6bb391e0d24f0c2df30d5c6c31
-
SHA512
49c43d99ee80c388a1d3514263372dcc83de772a19da3e3346a8c650ec58493427ade1e76a843ec17b06b749277d281fd69f1e07d9eb091d62cc5e348ab771b8
-
SSDEEP
49152:MWrWY5dcJP1K+miVsQBg6zGVV1BCjBEYgIrjYu:zrosSG8jP
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-