General
-
Target
5dbd1cc67169bcaf2cd7baa8c55e28f781e81e4ebe84b10554704c71a43f5d39N.exe
-
Size
572KB
-
Sample
250121-sb4jmayqhv
-
MD5
953d77b8e1bb134c3c427b54b21114a0
-
SHA1
7f02a034fccee6775668a7a8a5ba91312a3c7e9f
-
SHA256
5dbd1cc67169bcaf2cd7baa8c55e28f781e81e4ebe84b10554704c71a43f5d39
-
SHA512
a36d89e89bc33f8fcc51063c293de0af5368f8cff02bb9c439454636f5a102c3db70320627b0cb3fa9da4c8c65d06d1a2dde89eff7f625b8ba43d9a2c179ba58
-
SSDEEP
12288:TnYYRPW4lJEXNiBmAV2HYnirduwxsS5wFio/g5R:TYYPfJExHRrcwKB7+R
Malware Config
Targets
-
-
Target
5dbd1cc67169bcaf2cd7baa8c55e28f781e81e4ebe84b10554704c71a43f5d39N.exe
-
Size
572KB
-
MD5
953d77b8e1bb134c3c427b54b21114a0
-
SHA1
7f02a034fccee6775668a7a8a5ba91312a3c7e9f
-
SHA256
5dbd1cc67169bcaf2cd7baa8c55e28f781e81e4ebe84b10554704c71a43f5d39
-
SHA512
a36d89e89bc33f8fcc51063c293de0af5368f8cff02bb9c439454636f5a102c3db70320627b0cb3fa9da4c8c65d06d1a2dde89eff7f625b8ba43d9a2c179ba58
-
SSDEEP
12288:TnYYRPW4lJEXNiBmAV2HYnirduwxsS5wFio/g5R:TYYPfJExHRrcwKB7+R
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-