General
-
Target
901f61b4e88314dc5961d78c4d0ca1eafa0b5482986063144690bab174cfe8e1
-
Size
238KB
-
Sample
220523-3war6aaaf7
-
MD5
8cc712532b797826831b0ccbb76a04a7
-
SHA1
01f83fe7daaaf09bbf71f7acd25176c62f55e24f
-
SHA256
901f61b4e88314dc5961d78c4d0ca1eafa0b5482986063144690bab174cfe8e1
-
SHA512
80e93a65ad6f375acf1e5062a53d766561ca3db0b939ff1994427e1cbe2a7ab57d703df3c9b5e37a3fc524952e6b0496cd42bfbad0ee3ae72e4643ee77e89294
Malware Config
Targets
-
-
Target
901f61b4e88314dc5961d78c4d0ca1eafa0b5482986063144690bab174cfe8e1
-
Size
238KB
-
MD5
8cc712532b797826831b0ccbb76a04a7
-
SHA1
01f83fe7daaaf09bbf71f7acd25176c62f55e24f
-
SHA256
901f61b4e88314dc5961d78c4d0ca1eafa0b5482986063144690bab174cfe8e1
-
SHA512
80e93a65ad6f375acf1e5062a53d766561ca3db0b939ff1994427e1cbe2a7ab57d703df3c9b5e37a3fc524952e6b0496cd42bfbad0ee3ae72e4643ee77e89294
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-