General
Target
7cb950b5904260b19798a6eb12d7bf1610a5725966d82fd7bef1550fc1a400a9
Size
1.3MB
Sample
220212-assvcaeae5
MD5
2140adb39cf86f635f1c2d16dbe89970
SHA1
0aa79344a9f2f0a76f522b414701a74dab070167
SHA256
7cb950b5904260b19798a6eb12d7bf1610a5725966d82fd7bef1550fc1a400a9
SHA512
29d3991345197f6d482597cfb42349737eacb339f2e77f15f625622a80347de835c5198d4d3980319e3ab63613e9d1a10a8b3558f0c71643e8d5a6bae54bfa66
Static task
static1
Behavioral task
behavioral1
Sample
7cb950b5904260b19798a6eb12d7bf1610a5725966d82fd7bef1550fc1a400a9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
7cb950b5904260b19798a6eb12d7bf1610a5725966d82fd7bef1550fc1a400a9.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
C:\Decryption-Guide.txt
Targets
Target
7cb950b5904260b19798a6eb12d7bf1610a5725966d82fd7bef1550fc1a400a9
Score
10/10
Modifies system executable filetype association
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
Executes dropped EXE
Modifies Windows Firewall
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Drops desktop.ini file(s)