General
-
Target
6b578d532c49d4a5f55c59e9efd341700556d7ed78d3249d56e4358aad4be5f3
-
Size
254KB
-
Sample
250213-a6cqaazral
-
MD5
02a024bee5958fd94bfe549e7cea29ca
-
SHA1
c9222564d68b85d7205c9ff2fbb7dd87f1be0254
-
SHA256
6b578d532c49d4a5f55c59e9efd341700556d7ed78d3249d56e4358aad4be5f3
-
SHA512
3614c0b89d514e68ff81562b1ee99f27590bbf5e5076a4d5fb9cf5ea3a18c298ac52b31f007a3e12bb9d5dc1ae4322c5e423b57b878864ba32ce929d00dfa968
-
SSDEEP
3072:ar85Crl4dsOc6v2vTzwU+Pho86meq+FaSoB2+vSHr8qcVz5fzsC:C943PiY+Fa7BdvG1cT7
Malware Config
Targets
-
-
Target
6b578d532c49d4a5f55c59e9efd341700556d7ed78d3249d56e4358aad4be5f3
-
Size
254KB
-
MD5
02a024bee5958fd94bfe549e7cea29ca
-
SHA1
c9222564d68b85d7205c9ff2fbb7dd87f1be0254
-
SHA256
6b578d532c49d4a5f55c59e9efd341700556d7ed78d3249d56e4358aad4be5f3
-
SHA512
3614c0b89d514e68ff81562b1ee99f27590bbf5e5076a4d5fb9cf5ea3a18c298ac52b31f007a3e12bb9d5dc1ae4322c5e423b57b878864ba32ce929d00dfa968
-
SSDEEP
3072:ar85Crl4dsOc6v2vTzwU+Pho86meq+FaSoB2+vSHr8qcVz5fzsC:C943PiY+Fa7BdvG1cT7
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1