General
-
Target
02b8d22a5ddd5ec2399d753d8207e8256713b260ca5fc0b1fc9349d03391ed2c
-
Size
193KB
-
Sample
220223-azbveahbfq
-
MD5
1215e66406ca544e0b93dbae39439b18
-
SHA1
6eb1699d48532542a45555b8f1c0d09bcefe7e81
-
SHA256
02b8d22a5ddd5ec2399d753d8207e8256713b260ca5fc0b1fc9349d03391ed2c
-
SHA512
4f0f97d0366ec76013371d61f19b4152bd26286625666fed5a4f41237c13dd8851715206d1afdd6144b5e769b442596c96c9559102526902998e31d5b6f6f831
Static task
static1
Behavioral task
behavioral1
Sample
02b8d22a5ddd5ec2399d753d8207e8256713b260ca5fc0b1fc9349d03391ed2c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
02b8d22a5ddd5ec2399d753d8207e8256713b260ca5fc0b1fc9349d03391ed2c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
02b8d22a5ddd5ec2399d753d8207e8256713b260ca5fc0b1fc9349d03391ed2c
Score 10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Nirsoft
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-