6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309 | Triage

Submit
Reports

Overview

overview

Static

static

6ecb9d22d6...09.exe

windows7_x64

6ecb9d22d6...09.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309.exe

Resource

win7-en-20211208

neshta evasion persistence spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309.exe

Resource

win10v2004-en-20220112

neshta evasion persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309
Size

1.8MB
MD5

5647736d5f4e843683641a36fc619849
SHA1

36ffba58a204e1b1b09f07d55bb3c8faa9004282
SHA256

6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309
SHA512

84b1442c4403ba4997a6c386f35ca3be112cb216e1916058e1353f6dccf8ace03b580b149646a4cc1102bf1cdb73cadf7e0ba3341ee9ff5f3f18a250d117ceaa
SSDEEP

49152:FKABWc6cSgmpdloycUwFF4ff/O3VHbguCZJAJ8NasPlSLNcJ:/WXKwoyOFs4bfCZyJsPl8K

Score

N/A

Malware Config

Signatures

Files

6ecb9d22d6fa780cfd76b2d838bcb374360782d4b547e65f14e4fb1e08c59309
.exe windows x86

5f7a84930ca70110899f7db9c6a489f1

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary

Sections

Size: 18KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lnifhqji
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dkaaxqtz
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy