General
-
Target
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902
-
Size
388KB
-
Sample
220124-bbfzwshbc3
-
MD5
573ba3a6bd1ed5e08607edd87abf179c
-
SHA1
7c9f4fea91a14701a3e5cb2f851c3dff34fb5ff2
-
SHA256
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902
-
SHA512
98a634a88e9a27ff0807b93a5c38d57554ea71f7b66602e707cbc8bfb4d6af794895d072f10e55f5d51e401be07ab3c62fbd38eeda6b3e64c843e9e0f08a0f35
Static task
static1
Behavioral task
behavioral1
Sample
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902.exe
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902
-
Size
388KB
-
MD5
573ba3a6bd1ed5e08607edd87abf179c
-
SHA1
7c9f4fea91a14701a3e5cb2f851c3dff34fb5ff2
-
SHA256
d53e6eb20d40a10c81e23bd9d6c9ebdf6da3c4620583028def3c517f1db09902
-
SHA512
98a634a88e9a27ff0807b93a5c38d57554ea71f7b66602e707cbc8bfb4d6af794895d072f10e55f5d51e401be07ab3c62fbd38eeda6b3e64c843e9e0f08a0f35
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Sodin,Sodinokibi,REvil
Ransomware with advanced anti-analysis and privilege escalation functionality.
-
Sodinokibi/Revil sample
-
Executes dropped EXE
-
Loads dropped DLL
-