General
-
Target
1762a0a3de3d353469925c435ceafcfeebe005d3735386439ff0f0131f5925b5
-
Size
3.8MB
-
Sample
250126-yrp9ts1rfw
-
MD5
0e2672b7471cd2eb1a8d6b324192eac7
-
SHA1
25d8f4c9c25188dc61c3d4fd7e46de80d5f4d542
-
SHA256
1762a0a3de3d353469925c435ceafcfeebe005d3735386439ff0f0131f5925b5
-
SHA512
d827a62640f255976685fafff69d1ae1f4c9d198e622d3eaf864e89f738295464ee89724fcb45d662a67527faf2ba369b19109be0dd1d7740056f229817dd43c
-
SSDEEP
49152:CjP3KQLTi1GL6tSXAt9J4W+8Z0+0GD0AGeuVEusJ6LNzOeL0GKVIeCjF826If2y:0S3lSeuVlcm7fOKA
Malware Config
Targets
-
-
Target
1762a0a3de3d353469925c435ceafcfeebe005d3735386439ff0f0131f5925b5
-
Size
3.8MB
-
MD5
0e2672b7471cd2eb1a8d6b324192eac7
-
SHA1
25d8f4c9c25188dc61c3d4fd7e46de80d5f4d542
-
SHA256
1762a0a3de3d353469925c435ceafcfeebe005d3735386439ff0f0131f5925b5
-
SHA512
d827a62640f255976685fafff69d1ae1f4c9d198e622d3eaf864e89f738295464ee89724fcb45d662a67527faf2ba369b19109be0dd1d7740056f229817dd43c
-
SSDEEP
49152:CjP3KQLTi1GL6tSXAt9J4W+8Z0+0GD0AGeuVEusJ6LNzOeL0GKVIeCjF826If2y:0S3lSeuVlcm7fOKA
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-