General
-
Target
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9
-
Size
1.3MB
-
Sample
220212-aqyyksfeel
-
MD5
08676a0eaff0dc145df83c6e8da85920
-
SHA1
729bfe1fcc9a31ee58ca56b7cc702b035838cb76
-
SHA256
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9
-
SHA512
f80c3723a881de1317dfffabed8e07886651d8e6aa46b622562a4e726924bf7809e2101ed40e2316339067608febb6a2cf49a116a0cca791d9aea3afcf3e553e
Static task
static1
Behavioral task
behavioral1
Sample
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\Read-this.txt
Targets
-
-
Target
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9
-
Size
1.3MB
-
MD5
08676a0eaff0dc145df83c6e8da85920
-
SHA1
729bfe1fcc9a31ee58ca56b7cc702b035838cb76
-
SHA256
a76599e3fc1c23140ac11b4335416c3bc29b6d9a9c028ed845433dd47f18a2e9
-
SHA512
f80c3723a881de1317dfffabed8e07886651d8e6aa46b622562a4e726924bf7809e2101ed40e2316339067608febb6a2cf49a116a0cca791d9aea3afcf3e553e
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-