General
-
Target
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8
-
Size
137KB
-
Sample
220306-qt3nyaagc9
-
MD5
c1064f361e1f0d8562753acdc3d04ef4
-
SHA1
e044fe6baad0477fddd6fa52b1c365a79fe73335
-
SHA256
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8
-
SHA512
97927a782c1b23bf670bc19569bd42d69c62cc4432cceb9a81b1ea31da2e5e70288768c9622336dddf80cd8f2b7e7426bac731307aaa266871297042ebdc1bee
Static task
static1
Behavioral task
behavioral1
Sample
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8
-
Size
137KB
-
MD5
c1064f361e1f0d8562753acdc3d04ef4
-
SHA1
e044fe6baad0477fddd6fa52b1c365a79fe73335
-
SHA256
f68365b3db8f5b22173666468e6998a73984acc9b55fe84315868894944474d8
-
SHA512
97927a782c1b23bf670bc19569bd42d69c62cc4432cceb9a81b1ea31da2e5e70288768c9622336dddf80cd8f2b7e7426bac731307aaa266871297042ebdc1bee
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Nirsoft
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-