General
-
Target
c0705041b495ccbaff8a486d43a1773cc1311154ff92b8fb45ae66eec8ad575d
-
Size
1.5MB
-
Sample
220524-3dznkafchr
-
MD5
88cb0a3e0961da86c65a2905b7172cb0
-
SHA1
fbf5141f6f859dc807e08f3c326c6bbdc955c498
-
SHA256
c0705041b495ccbaff8a486d43a1773cc1311154ff92b8fb45ae66eec8ad575d
-
SHA512
5643761e089845eda5c82d37002153cd5825ad1b54745f80bf194e9a2192ed70b921a30e71fbef0c03a985245536ab186ff6927339c838cb9f7ed47132d5a574
Malware Config
Targets
-
-
Target
c0705041b495ccbaff8a486d43a1773cc1311154ff92b8fb45ae66eec8ad575d
-
Size
1.5MB
-
MD5
88cb0a3e0961da86c65a2905b7172cb0
-
SHA1
fbf5141f6f859dc807e08f3c326c6bbdc955c498
-
SHA256
c0705041b495ccbaff8a486d43a1773cc1311154ff92b8fb45ae66eec8ad575d
-
SHA512
5643761e089845eda5c82d37002153cd5825ad1b54745f80bf194e9a2192ed70b921a30e71fbef0c03a985245536ab186ff6927339c838cb9f7ed47132d5a574
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-