General
Target: SecuriteInfo.com.W32.MSIL_Kryptik.ERY.genEldorado.22139.11301
Size: 700KB
Sample: 210706-s12y9abwej
MD5: 4c33a8d7ea67f81000eee8b1c9475f9c
SHA1: a96a1a2cd37af1a04fafc9104b59661924c2c2a0
SHA256: 3fa53f6f68e280013eb9651a53a3c40a16fa99f7689d0761b3f95b2de68b22cf
SHA512: d93206e78dbfc4e1ca1633172c7aeb93ba6270822e7f8880220599731d9db4299ea85e1d14d59929ebe6e9b812d09f8db180df4fa4f2bbc93fc4d8a0aad87cf0
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.W32.MSIL_Kryptik.ERY.genEldorado.22139.11301.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: SecuriteInfo.com.W32.MSIL_Kryptik.ERY.genEldorado.22139.11301.exe
Resource: win10v20210410
Malware Config
Targets
Target: SecuriteInfo.com.W32.MSIL_Kryptik.ERY.genEldorado.22139.11301
Score: 10/10
Detect Neshta Payload
Modifies system executable filetype association
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Loads dropped DLL
Suspicious use of SetThreadContext