General
-
Target
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb
-
Size
1.6MB
-
Sample
220206-q9qz3sager
-
MD5
c5e204baec4a3995fd6ccaef20f0888d
-
SHA1
3e56bf9a91605df8aa6a576b5c2270c522926372
-
SHA256
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb
-
SHA512
93163d6c30ade44906198a81905f97454881f4dcdeee6cdc8dc620d4c09a5d0e0613715214e7baabc4745bc5f9b394e4d0788e2497f179d3043a8540757a20dd
Static task
static1
Behavioral task
behavioral1
Sample
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb
-
Size
1.6MB
-
MD5
c5e204baec4a3995fd6ccaef20f0888d
-
SHA1
3e56bf9a91605df8aa6a576b5c2270c522926372
-
SHA256
2c935d198c7b89d6812ceedb05dfd8b885ee6fcd4e16dc434dfc21f0f19930eb
-
SHA512
93163d6c30ade44906198a81905f97454881f4dcdeee6cdc8dc620d4c09a5d0e0613715214e7baabc4745bc5f9b394e4d0788e2497f179d3043a8540757a20dd
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-