General
-
Target
20bd2c0698859a509073f5146c859cbbb126e5517f682c41865ec9ebc6d37107
-
Size
389KB
-
Sample
220130-jtgcdahagp
-
MD5
530f03121f88fd864114d023e90c4ce5
-
SHA1
79492aabb325b2b3d5208512ba332bed0b7ca90c
-
SHA256
20bd2c0698859a509073f5146c859cbbb126e5517f682c41865ec9ebc6d37107
-
SHA512
70b657e5b998cd599e1213f348963cd1fc93799d8d58c2feac313f32ff2195508fd186ed54e46e9d4da94ec01ec8181f0a6c10b6761c5c766b7a1e02eca8e90b
Static task
static1
Behavioral task
behavioral1
Sample
20bd2c0698859a509073f5146c859cbbb126e5517f682c41865ec9ebc6d37107.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
20bd2c0698859a509073f5146c859cbbb126e5517f682c41865ec9ebc6d37107.exe
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
20bd2c0698859a509073f5146c859cbbb126e5517f682c41865ec9ebc6d37107
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Sodin, Sodinokibi, REvil
Ransomware with advanced anti-analysis and privilege escalation functionality.
-
Sodinokibi/REvil sample
-
Executes dropped EXE
-
Loads dropped DLL
-