General
-
Target
ab4d81e54b17fe8dc69b32ab26097d5997d039fbe5294db07c5e1874ec89d3c4N.exe
-
Size
946KB
-
Sample
250205-rc9xcsyrct
-
MD5
e10bff71b434904561f47483acf57850
-
SHA1
eb02b3f0ade99555b8dc8bf3080c5aa3f1dddeb0
-
SHA256
ab4d81e54b17fe8dc69b32ab26097d5997d039fbe5294db07c5e1874ec89d3c4
-
SHA512
5f747c85abcb07c43f33a3e824592ab5cf382714955ea79d06af937b3d327dda27664ebb9c1b020c689d249eae67123e2d7662be0e7d971f32424df6a9722ff4
-
SSDEEP
24576:v7DfcdoY5KwUIl3KauPT1RX+P/tbuJqeDykEr:vnkpKiPu71x2/4nDyR
Malware Config
Targets
-
-
Target
ab4d81e54b17fe8dc69b32ab26097d5997d039fbe5294db07c5e1874ec89d3c4N.exe
-
Size
946KB
-
MD5
e10bff71b434904561f47483acf57850
-
SHA1
eb02b3f0ade99555b8dc8bf3080c5aa3f1dddeb0
-
SHA256
ab4d81e54b17fe8dc69b32ab26097d5997d039fbe5294db07c5e1874ec89d3c4
-
SHA512
5f747c85abcb07c43f33a3e824592ab5cf382714955ea79d06af937b3d327dda27664ebb9c1b020c689d249eae67123e2d7662be0e7d971f32424df6a9722ff4
-
SSDEEP
24576:v7DfcdoY5KwUIl3KauPT1RX+P/tbuJqeDykEr:vnkpKiPu71x2/4nDyR
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-