General
-
Target
37fe565cf8f3c423a0c8976353518e64dc37f3abc9ad3f3b3f9d4a1137f468ab
-
Size
370KB
-
Sample
250205-1qlalatjcw
-
MD5
fe26e3f9cdf62f122c77faabe879bd77
-
SHA1
46814e65d467d88d38518c10709e2ce71287f850
-
SHA256
37fe565cf8f3c423a0c8976353518e64dc37f3abc9ad3f3b3f9d4a1137f468ab
-
SHA512
4998c6a734ad7a6fa1dcdf3c6e72d480ad6e65a60cac2a1a1dc5666249796effa7a3fc167aa4e711d09b04b3c1f6a30ea7615704d09d61b27246cbd3fd1e2c7b
-
SSDEEP
6144:k91eFHDi+DZUdHDgKhroPgwl+cq7oq/UUHZiwn9hvjib:eeFHDHCDrokcq7oA59nrk
Malware Config
Targets
-
-
Target
37fe565cf8f3c423a0c8976353518e64dc37f3abc9ad3f3b3f9d4a1137f468ab
-
Size
370KB
-
MD5
fe26e3f9cdf62f122c77faabe879bd77
-
SHA1
46814e65d467d88d38518c10709e2ce71287f850
-
SHA256
37fe565cf8f3c423a0c8976353518e64dc37f3abc9ad3f3b3f9d4a1137f468ab
-
SHA512
4998c6a734ad7a6fa1dcdf3c6e72d480ad6e65a60cac2a1a1dc5666249796effa7a3fc167aa4e711d09b04b3c1f6a30ea7615704d09d61b27246cbd3fd1e2c7b
-
SSDEEP
6144:k91eFHDi+DZUdHDgKhroPgwl+cq7oq/UUHZiwn9hvjib:eeFHDHCDrokcq7oA59nrk
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-