General
-
Target
dd4e21566ddf915bb233a1eeeecf85860e9ba223fc31dab1b0bd829455352cde
-
Size
424KB
-
Sample
250124-lfmncasqgj
-
MD5
853637d460f58430e7bf092e17cfefce
-
SHA1
ea6b974a95c60edc9c5888b5614114fca95f44ea
-
SHA256
dd4e21566ddf915bb233a1eeeecf85860e9ba223fc31dab1b0bd829455352cde
-
SHA512
4f98577fddd1cafbb3898d5b088bbbbafc93a20dbb3611cd99bb47aa27fbed6fa9fb9b1b5c6f64ac1e3f53179464ee1a81d8778379dd1d35c067c47ff26dda57
-
SSDEEP
6144:k9CBo+xVhuXXM3wQ9pOFSe9xnxvozk3mlDxAyT4VsG9:HLxVhuXXg7+SevR+PS
Behavioral task
behavioral1
Sample
dd4e21566ddf915bb233a1eeeecf85860e9ba223fc31dab1b0bd829455352cde.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dd4e21566ddf915bb233a1eeeecf85860e9ba223fc31dab1b0bd829455352cde.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
dd4e21566ddf915bb233a1eeeecf85860e9ba223fc31dab1b0bd829455352cde
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-