General
-
Target
4829907df072c3e2248835f8375971823210fa97bb1a871994cb5e0d1e49059eN.exe
-
Size
3.1MB
-
Sample
250116-wlak3sskat
-
MD5
8ffd07557fb0b3f892e30f900cb6afb0
-
SHA1
10264b488df86b2ca2a06e5a321720cb75a3c239
-
SHA256
4829907df072c3e2248835f8375971823210fa97bb1a871994cb5e0d1e49059e
-
SHA512
91452c2bf6e78bb0c36683eee0d1058158bd26aa9c6e4d054959772f079503376341e1fcdbc4ee755309c314608d3da9158d6f9b1b641d215fa4f055e8c8597f
-
SSDEEP
49152:ZQVD8jdMUOyeEpIC7F/iw+6pdM9X376IbAMINhqhFN7f6LlGiFkcmHAgC9T3G:6VwB8E/iUdM9X3ucFN7f6zdMHi3G
Malware Config
Targets
-
-
Target
4829907df072c3e2248835f8375971823210fa97bb1a871994cb5e0d1e49059eN.exe
-
Size
3.1MB
-
MD5
8ffd07557fb0b3f892e30f900cb6afb0
-
SHA1
10264b488df86b2ca2a06e5a321720cb75a3c239
-
SHA256
4829907df072c3e2248835f8375971823210fa97bb1a871994cb5e0d1e49059e
-
SHA512
91452c2bf6e78bb0c36683eee0d1058158bd26aa9c6e4d054959772f079503376341e1fcdbc4ee755309c314608d3da9158d6f9b1b641d215fa4f055e8c8597f
-
SSDEEP
49152:ZQVD8jdMUOyeEpIC7F/iw+6pdM9X376IbAMINhqhFN7f6LlGiFkcmHAgC9T3G:6VwB8E/iUdM9X3ucFN7f6zdMHi3G
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-