General
-
Target
4d1d028bf3152452ee64f234f0343b0565f845456799e7816e95ca1cbdfa733f.exe
-
Size
191KB
-
Sample
250116-h4l5yaylh1
-
MD5
500d3275b9fab92ed234866ae1d9f443
-
SHA1
540c648d5bb8f26b22dd0e6b7a4f42826aca13db
-
SHA256
4d1d028bf3152452ee64f234f0343b0565f845456799e7816e95ca1cbdfa733f
-
SHA512
221bcbedb3d7650c685777074b44531869218e7a88658ce854e06b10eddef3c4bce5c90897c28ebb193c2b0eea37921f3dbe98d11e703231221ea6a922c0db52
-
SSDEEP
3072:sr85C2ux9IfBqsmx/LpHQvLq/Zr9CSyOcd5WEEr85Cp:k92cmYsmr4Z89p
Behavioral task
behavioral1
Sample
4d1d028bf3152452ee64f234f0343b0565f845456799e7816e95ca1cbdfa733f.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
4d1d028bf3152452ee64f234f0343b0565f845456799e7816e95ca1cbdfa733f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4d1d028bf3152452ee64f234f0343b0565f845456799e7816e95ca1cbdfa733f.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-