General
-
Target
8fdf6032932fa1a0c9b0fd342ee8bee1
-
Size
1.1MB
-
Sample
210923-l4qpxaeah4
-
MD5
8fdf6032932fa1a0c9b0fd342ee8bee1
-
SHA1
5b939ccc5f0eaf36dd38915af1da00065940cf70
-
SHA256
ec0627ef1feef5903f5771bdb6df060a295af132e90ed023f2e1ad14d5ffb40b
-
SHA512
0d74c116728fb3d40a49bd0ee7658ac0f5984a2bf5fe180bd36714db15534dc4a3148ba710360138e0032bc149423170b6a3e2808d368a2c0d3e51365236df8e
Static task
static1
Behavioral task
behavioral1
Sample
8fdf6032932fa1a0c9b0fd342ee8bee1.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
8fdf6032932fa1a0c9b0fd342ee8bee1.exe
Resource
win10-en-20210920
Malware Config
Targets
Target
8fdf6032932fa1a0c9b0fd342ee8bee1
Score
10/10
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-