General
-
Target
2025-03-29_e2369472ee926aff8ccc124cd00d3e82_black-basta_hijackloader_luca-stealer_neshta
-
Size
8.5MB
-
Sample
250329-y1wg7s1tgt
-
MD5
e2369472ee926aff8ccc124cd00d3e82
-
SHA1
9edd02cd3c44f0b9b163c55988c5a523f913695e
-
SHA256
c6af587026b4b713ce8f1c9bc103ec2fed78accd16f26b5272b412f10300ad55
-
SHA512
04af9ed5f87137aef744eea424ceb974a2ac3fdda5096c055d18876ce5b509f0ac5a4a389773856c440b08d8be92ad6053ce49b3435ad05419149f26b7bf8488
-
SSDEEP
196608:sNWvMZmI8qx5AxLg+mB6qDVKrNo+RpPOSdeIZ5yH+7BzLZMYFnIwBxu330GO:sa4Wqx5YLg+y/DVKrNoCPoIZ5I+7B/2Q
Malware Config
Targets
-
-
Target
2025-03-29_e2369472ee926aff8ccc124cd00d3e82_black-basta_hijackloader_luca-stealer_neshta
-
Size
8.5MB
-
MD5
e2369472ee926aff8ccc124cd00d3e82
-
SHA1
9edd02cd3c44f0b9b163c55988c5a523f913695e
-
SHA256
c6af587026b4b713ce8f1c9bc103ec2fed78accd16f26b5272b412f10300ad55
-
SHA512
04af9ed5f87137aef744eea424ceb974a2ac3fdda5096c055d18876ce5b509f0ac5a4a389773856c440b08d8be92ad6053ce49b3435ad05419149f26b7bf8488
-
SSDEEP
196608:sNWvMZmI8qx5AxLg+mB6qDVKrNo+RpPOSdeIZ5yH+7BzLZMYFnIwBxu330GO:sa4Wqx5YLg+y/DVKrNoCPoIZ5I+7B/2Q
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-