General
-
Target
005e013db1522fe8f97efc49b738188429d2b8c098d586bc150b85c362e40ebfN.exe
-
Size
717KB
-
Sample
250125-kbrwtsvjdx
-
MD5
d6b5e001f64698d45727381698eea840
-
SHA1
dc00295dd076c771612cbdb8b923aea4dc21bc8d
-
SHA256
005e013db1522fe8f97efc49b738188429d2b8c098d586bc150b85c362e40ebf
-
SHA512
bec731a232554e1e23ec5a139f649c16e46d5fbc10b7c4ba03f8cedcbdfeac64d91fbe0ef87019a1fb87f6319ae380b505af94fbcfb839e2982989b35865b78c
-
SSDEEP
6144:k9O0bWLqHxR58GSOEfY1o3eWIdJ20r376dvciiw0CO979:Hsr8HOEfY1ouPJ22376dvx0
Malware Config
Targets
-
-
Target
005e013db1522fe8f97efc49b738188429d2b8c098d586bc150b85c362e40ebfN.exe
-
Size
717KB
-
MD5
d6b5e001f64698d45727381698eea840
-
SHA1
dc00295dd076c771612cbdb8b923aea4dc21bc8d
-
SHA256
005e013db1522fe8f97efc49b738188429d2b8c098d586bc150b85c362e40ebf
-
SHA512
bec731a232554e1e23ec5a139f649c16e46d5fbc10b7c4ba03f8cedcbdfeac64d91fbe0ef87019a1fb87f6319ae380b505af94fbcfb839e2982989b35865b78c
-
SSDEEP
6144:k9O0bWLqHxR58GSOEfY1o3eWIdJ20r376dvciiw0CO979:Hsr8HOEfY1ouPJ22376dvx0
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-