General
-
Target
2025-03-30_430cb88cac42031907c59d8248a32a1d_black-basta_hijackloader_neshta
-
Size
6.7MB
-
Sample
250330-gynk5stny4
-
MD5
430cb88cac42031907c59d8248a32a1d
-
SHA1
9d83d32ec18f42d1d8242736e9c3185e02113b9c
-
SHA256
daff395b4265e73203191a630a7e757c3e2a8ab6f779cfd8ca5fe6352adfa943
-
SHA512
9d6a4afffefd1c11c8a56e1f342b18a10c0cb59303bcc35d85105dd8ddb628c86095f303133bf0f8c884440f4479351632fc759fd2b9b5143397956134796693
-
SSDEEP
49152:05VPMCm34kvo6jZO0VUA4bfo4dfnfMDTpDHDzJCm0/dyEmorJa6+oDpBfNDcBfTk:05VkLCZdujCaObfNDcB1rs46bg1rDLC
Behavioral task
behavioral1
Sample
2025-03-30_430cb88cac42031907c59d8248a32a1d_black-basta_hijackloader_neshta.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2025-03-30_430cb88cac42031907c59d8248a32a1d_black-basta_hijackloader_neshta.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
2025-03-30_430cb88cac42031907c59d8248a32a1d_black-basta_hijackloader_neshta
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-