General
Target: 05a473e9c2e00a7a13a69879ba5473c4b17700c5329ca8d9ee457e763d778337
Size: 251KB
Sample: 220131-zgyznaccd7
MD5: 3e11c823c2475c951d71893f2484dfa4
SHA1: 91351132f85c8a516f5b3b41c1854ef9c87c1879
SHA256: 05a473e9c2e00a7a13a69879ba5473c4b17700c5329ca8d9ee457e763d778337
SHA512: 78f615f9cc68f3f9ef7dad5a12f862feaf10202880ad55305f02304aaaa224dd8e3dbeaeb65307707e445f2d7552bbc9e73d93982633a0e6a31695f3394f42ec
Static task: static1
Behavioral task: behavioral1
Sample: 05a473e9c2e00a7a13a69879ba5473c4b17700c5329ca8d9ee457e763d778337.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 05a473e9c2e00a7a13a69879ba5473c4b17700c5329ca8d9ee457e763d778337.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 05a473e9c2e00a7a13a69879ba5473c4b17700c5329ca8d9ee457e763d778337
Score: 10/10
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Sets service image path in registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-