General
-
Target
file._
-
Size
25KB
-
Sample
211129-t6t44scdfn
-
MD5
d1ccc4c14c77d812df22bdf4e32f34e4
-
SHA1
5d78f025738af621d64b3666553ddb04678895a4
-
SHA256
390f5ea35dbe68a871181a98dab7c3eec7d87124726a79320d5197f517ce8616
-
SHA512
fe288eefd02b1b9d53be64a721945de6d09b9ae33096707ad0dd51f2adc9392a16f27a46fa443ce620f6a492c46ba51b5811225afb13eee95ca32ef8d65e7001
Static task
static1
Behavioral task
behavioral1
Sample
AN HAI 273 V-S159 1606 KAO-BK =GG-10-2020.doc
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
AN HAI 273 V-S159 1606 KAO-BK =GG-10-2020.doc
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
AN HAI 273 V-S159 1606 KAO-BK =GG-10-2020.doc
-
Size
303KB
-
MD5
fea600c8597e2b7931a9f6f781a2b43a
-
SHA1
eec64a5c8119268b5d13873747bc3f05c33dc6cb
-
SHA256
d040437bdc2a5c34ca7ffeb1f46f6adf82b6e5492748ec22b630a918b53a2b95
-
SHA512
598d74bab9b8bfc9eb0fcfe623dccbd6d7825d74bf7228b76221bcc3732d7ce7d9b09cf45fa3638aefe966d90fef00267b630c991da62c94a0bb62405f9bb777
Score
10/10
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-