General
Target: ac696ff26dae3d008a7f1a8a33a6c067.exe
Size: 633KB
Sample: 211225-j1593sgbck
MD5: ac696ff26dae3d008a7f1a8a33a6c067
SHA1: 0e450582db291be053ac6a4ccf722dc4441b1f2e
SHA256: 44e08debeddf1bf932fd76e0fd0088eb196c036c92d662601ac8b55fe10528b9
SHA512: 1e049cc4cdd0e6dc4f38771f271a8021ad5c771024ed9cc3aea787d184a976f84778fc127ff2ab67cb79e0621ddc60b4b872393f4fabb0dfceb977409f66c0c6
Static task: static1
Behavioral task: behavioral1
Sample: ac696ff26dae3d008a7f1a8a33a6c067.exe
Resource: win7-en-20211208
Malware Config
Extracted
amadey
2.86
2.56.56.210/notAnoob/index.php
Targets
Target
ac696ff26dae3d008a7f1a8a33a6c067.exe
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-