General
-
Target
daa5fbc7355c6586aaf420a8c1b2e989.exe
-
Size
516KB
-
Sample
211130-h94beahdc5
-
MD5
daa5fbc7355c6586aaf420a8c1b2e989
-
SHA1
c9554309b0266c41bd945f43c74da5139994ef17
-
SHA256
d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f
-
SHA512
64ced6fcc04cb810105d7782db0582b4588092499da18787135073cc069f448e6482938006f1e60cac3289febce52e8be085e3e313795772be5cad79582f805c
Static task
static1
Behavioral task
behavioral1
Sample
daa5fbc7355c6586aaf420a8c1b2e989.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
daa5fbc7355c6586aaf420a8c1b2e989.exe
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
daa5fbc7355c6586aaf420a8c1b2e989.exe
-
Size
516KB
-
MD5
daa5fbc7355c6586aaf420a8c1b2e989
-
SHA1
c9554309b0266c41bd945f43c74da5139994ef17
-
SHA256
d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f
-
SHA512
64ced6fcc04cb810105d7782db0582b4588092499da18787135073cc069f448e6482938006f1e60cac3289febce52e8be085e3e313795772be5cad79582f805c
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-