General
-
Target
813b07fbf1cff09d52cf8e8fa8034ceeca0972dbef0a88a50738f96d953c3e2c
-
Size
125KB
-
Sample
250117-dz6xbszrat
-
MD5
5dd8b3545e3025063a6c47e3e2392f2c
-
SHA1
48dc76d2623565a39249e391b420e89e6127cd6a
-
SHA256
813b07fbf1cff09d52cf8e8fa8034ceeca0972dbef0a88a50738f96d953c3e2c
-
SHA512
99525540267ffce877fa741fb7bb6241de55c3cde4f2578d81068113188b60ed3c225dd40d2f7b52cf379ac7d21ae9d5c56a40c1985363a4b47ffb4be398e8ed
-
SSDEEP
3072:sr85CQSsW+Z5qantKILi9spATaJs2Rc0ZNP:k9QSK7qts7J1ZNP
Malware Config
Targets
-
-
Target
813b07fbf1cff09d52cf8e8fa8034ceeca0972dbef0a88a50738f96d953c3e2c
-
Size
125KB
-
MD5
5dd8b3545e3025063a6c47e3e2392f2c
-
SHA1
48dc76d2623565a39249e391b420e89e6127cd6a
-
SHA256
813b07fbf1cff09d52cf8e8fa8034ceeca0972dbef0a88a50738f96d953c3e2c
-
SHA512
99525540267ffce877fa741fb7bb6241de55c3cde4f2578d81068113188b60ed3c225dd40d2f7b52cf379ac7d21ae9d5c56a40c1985363a4b47ffb4be398e8ed
-
SSDEEP
3072:sr85CQSsW+Z5qantKILi9spATaJs2Rc0ZNP:k9QSK7qts7J1ZNP
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-