General
-
Target
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c
-
Size
1.1MB
-
Sample
220306-a5s1wahff8
-
MD5
db85dded4094f62f8ffb0ca5cd921211
-
SHA1
733b74b18cce176cad7638963ed33f2c15fc85ed
-
SHA256
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c
-
SHA512
bc22c4bc70d0ec662e91f69a6f22a22d8a4f98a5702ca86f8d3a0fe7e78ad6acad83226a3d24b7c0035795866ba81ff251d1d93d909ada08d5cb54b18c65f0e6
Static task
static1
Behavioral task
behavioral1
Sample
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c
-
Size
1.1MB
-
MD5
db85dded4094f62f8ffb0ca5cd921211
-
SHA1
733b74b18cce176cad7638963ed33f2c15fc85ed
-
SHA256
34d79fceed10e41d66080be8e14e77daa485cdbfa4369553a85e38340685ce8c
-
SHA512
bc22c4bc70d0ec662e91f69a6f22a22d8a4f98a5702ca86f8d3a0fe7e78ad6acad83226a3d24b7c0035795866ba81ff251d1d93d909ada08d5cb54b18c65f0e6
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Registers COM server for autorun
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-