General
-
Target
2025-04-15_e71721e98f4ffac5cf80a1a152b7785b_black-basta_elex_neshta
-
Size
3.4MB
-
Sample
250415-ret9pay1ax
-
MD5
e71721e98f4ffac5cf80a1a152b7785b
-
SHA1
4d6e82049f8af99850a03ee4dc73f2d7329be10e
-
SHA256
aece8c643947cab81aee3b77e6af7481302964eb195154fdde965e788165b6ea
-
SHA512
0a57c4b3c128f319d2f8e6a0cd5a63b2ced124dbeeb348c20fa19c3adb8a6579fbdcf370db8bc4803276e73b1503aff83ad2aeac24565baf9d527e4b86e7016d
-
SSDEEP
49152:FOt8K+RWWBxL4td+icCnAO1lde/OUiBqecx5dUI0+9ITcZAz:9Rx9cd+69q7S
Malware Config
Targets
-
-
Target
2025-04-15_e71721e98f4ffac5cf80a1a152b7785b_black-basta_elex_neshta
-
Size
3.4MB
-
MD5
e71721e98f4ffac5cf80a1a152b7785b
-
SHA1
4d6e82049f8af99850a03ee4dc73f2d7329be10e
-
SHA256
aece8c643947cab81aee3b77e6af7481302964eb195154fdde965e788165b6ea
-
SHA512
0a57c4b3c128f319d2f8e6a0cd5a63b2ced124dbeeb348c20fa19c3adb8a6579fbdcf370db8bc4803276e73b1503aff83ad2aeac24565baf9d527e4b86e7016d
-
SSDEEP
49152:FOt8K+RWWBxL4td+icCnAO1lde/OUiBqecx5dUI0+9ITcZAz:9Rx9cd+69q7S
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-