General
Target: fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8
Size: 292KB
Sample: 211224-teb48aeeh8
MD5: 10faa416691892159990764fbb680344
SHA1: a48fa141a23829a4799e8fc5a2685df5192c6897
SHA256: fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8
SHA512: cdaffcca120448607453dccb4de40c5446c1167b18c5a3763faa322dfabeafa36e4d0a7f898c2850fc8a3ceb201711624a9727a6a71cdfe996db49d31a150313
Static task: static1
Behavioral task: behavioral1
Sample: fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8.exe
Resource: win10-en-20211208
Malware Config
Extracted
smokeloader
2020
http://rcacademy.at/upload/
http://e-lanpengeonline.com/upload/
http://vjcmvz.cn/upload/
http://galala.ru/upload/
http://witra.ru/upload/
Extracted
amadey
2.86
2.56.56.210/notAnoob/index.php
Targets
Detect Neshta Payload
Modifies system executable filetype association
Neshta: Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
Downloads MZ/PE file
Executes dropped EXE
Deletes itself