General
-
Target
ef68f1eab7deb9bed15039a135ad621043fdd6fa7972a9e0387a46f904a019e2N.exe
-
Size
434KB
-
Sample
250125-kqmwesvpgs
-
MD5
17a273519c4950e8930a2f879d1659c0
-
SHA1
5234cab83797f504fb80e2e7d2f13dd46737f906
-
SHA256
ef68f1eab7deb9bed15039a135ad621043fdd6fa7972a9e0387a46f904a019e2
-
SHA512
2ad5443e9db241137c686483a52261d8f13d74ef2debecb3685b79069f73699fb9c913088229be4bd93d591ae61903e89bc9d63e56d475897a622486b6c9cc4a
-
SSDEEP
12288:4Gj8yn/BZ22ON+8JLxN+uqESXCID0hr/wTQg0k:RxpZ22OE8FxN+umXTCTwTQg0k
Behavioral task
behavioral1
Sample
ef68f1eab7deb9bed15039a135ad621043fdd6fa7972a9e0387a46f904a019e2N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef68f1eab7deb9bed15039a135ad621043fdd6fa7972a9e0387a46f904a019e2N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
ef68f1eab7deb9bed15039a135ad621043fdd6fa7972a9e0387a46f904a019e2N.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-