General
-
Target
d729ee02365410ce6da96946897881061b6ec800f9a12ab84ddf327153c7bc20.exe
-
Size
40KB
-
Sample
250205-lancpaznds
-
MD5
1ffaa6d8efded53d81cfeb6fdaa7ad84
-
SHA1
1ac6f7c2448814a16cd8af76b53b4fe063807e02
-
SHA256
d729ee02365410ce6da96946897881061b6ec800f9a12ab84ddf327153c7bc20
-
SHA512
611a12c6156eb1b4f969852ca36b41a269a1f6a2f5a1b8bcac4a3c43970dd20369debd1d29a0ec67d6066f67f479748b1a7b0c995052109cebca0db0a4620e58
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJBlqTEdJh1/W:JxqjQ+P04wsmJCpH
Malware Config
Targets
-
-
Target
d729ee02365410ce6da96946897881061b6ec800f9a12ab84ddf327153c7bc20.exe
-
Size
40KB
-
MD5
1ffaa6d8efded53d81cfeb6fdaa7ad84
-
SHA1
1ac6f7c2448814a16cd8af76b53b4fe063807e02
-
SHA256
d729ee02365410ce6da96946897881061b6ec800f9a12ab84ddf327153c7bc20
-
SHA512
611a12c6156eb1b4f969852ca36b41a269a1f6a2f5a1b8bcac4a3c43970dd20369debd1d29a0ec67d6066f67f479748b1a7b0c995052109cebca0db0a4620e58
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJBlqTEdJh1/W:JxqjQ+P04wsmJCpH
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-