General
Target: Quote.png.scr
Size: 528KB
Sample: 211109-y4zn2achdl
MD5: 06b4fd7c3d1966efe2747227379e2649
SHA1: 6d1f81c6b8041395342e53476247109a3ca3f433
SHA256: b0bd95ea0aa5de9849e555fc8a62f51e1406c6b4dc890ce9a63c9807184d9f0b
SHA512: 8c74a3ee29ca9c8c14871be2035c56a397bc81b1a022595fea3e102d5df9243c30e0ad59b7865bd66b3e413c80246493a2a43c6655085f8bb4b9f21f9ff9f8c0
Static task
static1
Behavioral task
behavioral1
Sample
Quote.png.scr
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
Quote.png.scr
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
Quote.png.scr
Score: 10/10
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-