General
-
Target
new_order_sheet_0016.xlsx
-
Size
486KB
-
Sample
211029-qfz1wsaagj
-
MD5
15c9dee0549b0ace548890de44acd781
-
SHA1
bce6ac3620d2f7ebcff5b153da84a8acc188461c
-
SHA256
1a24bd8a5dbb7292e5b2bc2a9d3958eed8a1a3107f4e07e5ad0031f626a708a9
-
SHA512
8d8445c90e6aed78d632e06532cbc5b2c30c01eb09b231337cb7485ac9569f585e99f9f2fd71b61eb74c000996656fbed628304d26f934ddba4382b374ba9ce9
Malware Config
Targets
-
-
Target
new_order_sheet_0016.xlsx
-
Size
486KB
-
MD5
15c9dee0549b0ace548890de44acd781
-
SHA1
bce6ac3620d2f7ebcff5b153da84a8acc188461c
-
SHA256
1a24bd8a5dbb7292e5b2bc2a9d3958eed8a1a3107f4e07e5ad0031f626a708a9
-
SHA512
8d8445c90e6aed78d632e06532cbc5b2c30c01eb09b231337cb7485ac9569f585e99f9f2fd71b61eb74c000996656fbed628304d26f934ddba4382b374ba9ce9
Score10/10-
Detect Neshta Payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-