General
-
Target
2c769cab7d5098a52060d096cf228eea4a23b85ae3c6717792f8dcf0cef471a8
-
Size
168KB
-
Sample
220222-j5rx9affcl
-
MD5
c0cda789e54e55adb82254b49ee6459c
-
SHA1
03117a0e347e5a4ebdbca24560777871e003eed4
-
SHA256
2c769cab7d5098a52060d096cf228eea4a23b85ae3c6717792f8dcf0cef471a8
-
SHA512
6bcc733d0d41599537842a741ef8411cf40a9c7a13ed50302bfcbf37c82f29fdc4d07b10d168d497f0e55820a9a193cce28dc30749e38f37ee320e2a15ab76f4
Static task
static1
Behavioral task
behavioral1
Sample
2c769cab7d5098a52060d096cf228eea4a23b85ae3c6717792f8dcf0cef471a8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
2c769cab7d5098a52060d096cf228eea4a23b85ae3c6717792f8dcf0cef471a8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
2c769cab7d5098a52060d096cf228eea4a23b85ae3c6717792f8dcf0cef471a8
Score
10/10
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Nirsoft
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-