General
-
Target
cc9fa0e50f1aa5fd9da3abb44545fd33e41e5c554749593b8d6bb6522bdbc119
-
Size
570KB
-
Sample
220523-zlcxzsfhb3
-
MD5
af5a9245db8fc5d22f2315d4307a9337
-
SHA1
d38efa52f717b6461f6753f056204365d9738f69
-
SHA256
cc9fa0e50f1aa5fd9da3abb44545fd33e41e5c554749593b8d6bb6522bdbc119
-
SHA512
2d4a39156a3da1e0caf718a8dc24da40ba124e217d38d93beabbdc55028df962b5e132b3073b8317cbd8b6eb2b27cee279578e05fa4d2cbd6768bccb94cce156
Malware Config
Targets
-
-
Target
cc9fa0e50f1aa5fd9da3abb44545fd33e41e5c554749593b8d6bb6522bdbc119
-
Size
570KB
-
MD5
af5a9245db8fc5d22f2315d4307a9337
-
SHA1
d38efa52f717b6461f6753f056204365d9738f69
-
SHA256
cc9fa0e50f1aa5fd9da3abb44545fd33e41e5c554749593b8d6bb6522bdbc119
-
SHA512
2d4a39156a3da1e0caf718a8dc24da40ba124e217d38d93beabbdc55028df962b5e132b3073b8317cbd8b6eb2b27cee279578e05fa4d2cbd6768bccb94cce156
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-