General
-
Target
cf8b7f99964e29d26f571c26c65bb8e7f012704e00c429a2300915ac8c8ae0ca
-
Size
942KB
-
Sample
250123-jgs6ea1kbk
-
MD5
6514b2a30221802af2f9128037d16e0a
-
SHA1
957f913d26b225a4a83643eda7a4974bf3aed98a
-
SHA256
cf8b7f99964e29d26f571c26c65bb8e7f012704e00c429a2300915ac8c8ae0ca
-
SHA512
71bd47e197ebee48883aed12311b8f5ab1fa579bfb6c174a7ed96ff86c0be650786de42e19c5108dc58cca011d7064aad901397a44f673bcfe2e0af6fc946b75
-
SSDEEP
24576:jqR2Q5Wq2TyRZc1nT24VT+Hx6m2kTGYj2N6FnsSYzda5M1fLmwiU0kdQNxMTHoh8:eqyi24w0m2kTjeN
Malware Config
Targets
-
-
Target
cf8b7f99964e29d26f571c26c65bb8e7f012704e00c429a2300915ac8c8ae0ca
-
Size
942KB
-
MD5
6514b2a30221802af2f9128037d16e0a
-
SHA1
957f913d26b225a4a83643eda7a4974bf3aed98a
-
SHA256
cf8b7f99964e29d26f571c26c65bb8e7f012704e00c429a2300915ac8c8ae0ca
-
SHA512
71bd47e197ebee48883aed12311b8f5ab1fa579bfb6c174a7ed96ff86c0be650786de42e19c5108dc58cca011d7064aad901397a44f673bcfe2e0af6fc946b75
-
SSDEEP
24576:jqR2Q5Wq2TyRZc1nT24VT+Hx6m2kTGYj2N6FnsSYzda5M1fLmwiU0kdQNxMTHoh8:eqyi24w0m2kTjeN
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-