General
-
Target
2025-04-15_394c73ba26506ffd634e74496f167502_black-basta_elex_neshta
-
Size
6.2MB
-
Sample
250415-epldba1zcy
-
MD5
394c73ba26506ffd634e74496f167502
-
SHA1
a5134fa43c00dcdee7eb4af5038b6ec8995ae0ce
-
SHA256
77a5800aef1e9cc2b433f4ddbb9f5883c64adceda37e387284a0698e74815b9e
-
SHA512
00b7c38a77e2811b0e538c2e7c5d0ff6b2d49c1d80aa1ce4abdaf24f83ca7da255870f202b8df3d258bae611e484d43ed3778c1bfef50ff11ee29db8e7df5d2b
-
SSDEEP
49152:nvx3wekcVU/qDNDbBCYKjj/zmyJP1OIcBpwKkYmAP2TVQOd0BXv23CJrRczTLLgB:N1nSvscn5Rul0Xsx
Malware Config
Targets
-
-
Target
2025-04-15_394c73ba26506ffd634e74496f167502_black-basta_elex_neshta
-
Size
6.2MB
-
MD5
394c73ba26506ffd634e74496f167502
-
SHA1
a5134fa43c00dcdee7eb4af5038b6ec8995ae0ce
-
SHA256
77a5800aef1e9cc2b433f4ddbb9f5883c64adceda37e387284a0698e74815b9e
-
SHA512
00b7c38a77e2811b0e538c2e7c5d0ff6b2d49c1d80aa1ce4abdaf24f83ca7da255870f202b8df3d258bae611e484d43ed3778c1bfef50ff11ee29db8e7df5d2b
-
SSDEEP
49152:nvx3wekcVU/qDNDbBCYKjj/zmyJP1OIcBpwKkYmAP2TVQOd0BXv23CJrRczTLLgB:N1nSvscn5Rul0Xsx
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-