General
-
Target
2025-04-15_28ec4bc59208504ed111e8f07bfc15a5_black-basta_elex_hijackloader_luca-stealer_neshta
-
Size
903KB
-
Sample
250415-n3cg1axwby
-
MD5
28ec4bc59208504ed111e8f07bfc15a5
-
SHA1
82006f4795344cbe4f06d85d94f1e25790ba8562
-
SHA256
a13e7ad281efdc2a5de03d71bea2f87949b7f7f339bf7a1f508809ba4f33522c
-
SHA512
03ddc31a1046ee797e1bf22935067d53fc83a082e173e1a18c697e1123a3640cae65614dc069423643b2c43e196cc54bc0cffa105091d63522963e4884a718a0
-
SSDEEP
24576:OgmFKWVnbq6ygrYfQQkBUwbn53qyi+0Dr:apZtrY4QkBUwbnQyi+0n
Malware Config
Targets
-
-
Target
2025-04-15_28ec4bc59208504ed111e8f07bfc15a5_black-basta_elex_hijackloader_luca-stealer_neshta
-
Size
903KB
-
MD5
28ec4bc59208504ed111e8f07bfc15a5
-
SHA1
82006f4795344cbe4f06d85d94f1e25790ba8562
-
SHA256
a13e7ad281efdc2a5de03d71bea2f87949b7f7f339bf7a1f508809ba4f33522c
-
SHA512
03ddc31a1046ee797e1bf22935067d53fc83a082e173e1a18c697e1123a3640cae65614dc069423643b2c43e196cc54bc0cffa105091d63522963e4884a718a0
-
SSDEEP
24576:OgmFKWVnbq6ygrYfQQkBUwbn53qyi+0Dr:apZtrY4QkBUwbnQyi+0n
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-