General
-
Target
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98
-
Size
1.5MB
-
Sample
220206-nxwcxshhc2
-
MD5
4ad767ee5e28521f721ea2a08baa20b3
-
SHA1
3f088abcd0221ede88367146b08737b119c10c73
-
SHA256
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98
-
SHA512
50b044523e8f8e9c027385edf037aa513a1297601af80682299b56fa6f87bf2fe1660ea8ea8b14201fb4204942a3a826b3cccd43c2309d8777f1c4c55878e67d
Static task
static1
Behavioral task
behavioral1
Sample
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98
-
Size
1.5MB
-
MD5
4ad767ee5e28521f721ea2a08baa20b3
-
SHA1
3f088abcd0221ede88367146b08737b119c10c73
-
SHA256
71c87fa0253635f3563d6e605e893d02d87b00d59437cb3a0ab75dcf96596f98
-
SHA512
50b044523e8f8e9c027385edf037aa513a1297601af80682299b56fa6f87bf2fe1660ea8ea8b14201fb4204942a3a826b3cccd43c2309d8777f1c4c55878e67d
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-