General
-
Target
e35170e9b27a880dc373fd10c71794a14f506951493cb00a2b8b43f254ce4248.exe
-
Size
1.5MB
-
Sample
250116-k7vmlatrgj
-
MD5
fe5a903da761be50d695add8c79744e2
-
SHA1
bd5eda0dd4f835e444bc176d0d8b9e087529aa01
-
SHA256
e35170e9b27a880dc373fd10c71794a14f506951493cb00a2b8b43f254ce4248
-
SHA512
4586f8692db5a23b0b4c0e3e96a9691c9f8be86af7854d68b15970d55244b7e37b5c5a6929a4024a9ca2ec4cffdaec83aba23c3e3e1d28aef104d8c83a0ec8e9
-
SSDEEP
24576:RBTZdZY0bYDjAVwMh91DCyDg3Qi7ZBRSZBVCwLToUgbjmnU2WmzMbSmu5EeY/O:Rhnz64fDCMgAid7SbVCwAfeU2Wmzqe9
Malware Config
Targets
-
-
Target
e35170e9b27a880dc373fd10c71794a14f506951493cb00a2b8b43f254ce4248.exe
-
Size
1.5MB
-
MD5
fe5a903da761be50d695add8c79744e2
-
SHA1
bd5eda0dd4f835e444bc176d0d8b9e087529aa01
-
SHA256
e35170e9b27a880dc373fd10c71794a14f506951493cb00a2b8b43f254ce4248
-
SHA512
4586f8692db5a23b0b4c0e3e96a9691c9f8be86af7854d68b15970d55244b7e37b5c5a6929a4024a9ca2ec4cffdaec83aba23c3e3e1d28aef104d8c83a0ec8e9
-
SSDEEP
24576:RBTZdZY0bYDjAVwMh91DCyDg3Qi7ZBRSZBVCwLToUgbjmnU2WmzMbSmu5EeY/O:Rhnz64fDCMgAid7SbVCwAfeU2Wmzqe9
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-