General
-
Target
new oder sheet 0015.xlsx
-
Size
393KB
-
Sample
211029-vdzdssadap
-
MD5
c5b4e04376f591216414fd74ac502754
-
SHA1
994118f839ea429d14061544e481c58354eb91ff
-
SHA256
78fcce5df6a344aba1293482c3db070a4f313af25b4c7cb3e9eb6eca45c9a7c3
-
SHA512
d2fdbc873be0bb28ca0750a88dec52253ba9a7d1fd94bbbaac4791b7291627fc752ade3dba858aaf39b24052e7a0fc27068ad3d8f02b878ef4875a3f57a339cc
Static task
static1
Behavioral task
behavioral1
Sample
new oder sheet 0015.xlsx
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
new oder sheet 0015.xlsx
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
new oder sheet 0015.xlsx
-
Size
393KB
-
MD5
c5b4e04376f591216414fd74ac502754
-
SHA1
994118f839ea429d14061544e481c58354eb91ff
-
SHA256
78fcce5df6a344aba1293482c3db070a4f313af25b4c7cb3e9eb6eca45c9a7c3
-
SHA512
d2fdbc873be0bb28ca0750a88dec52253ba9a7d1fd94bbbaac4791b7291627fc752ade3dba858aaf39b24052e7a0fc27068ad3d8f02b878ef4875a3f57a339cc
Score10/10-
Detect Neshta Payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-