General
-
Target
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e
-
Size
287KB
-
Sample
220524-dlt1lsgham
-
MD5
d2cbd8ad666ff7e64edf14c4a39f2126
-
SHA1
51f0602c5be27694cc4d42c1fd1685e54a1a49ed
-
SHA256
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e
-
SHA512
7014352635802a3d7284f1c5c8b9de104b4d2875d9e9ab37c497eb20fd71e88cb172740cc5241bddfbef2f236e91fb4a1b61c1f7260cd7769abc7d1bd9b592c6
Static task
static1
Behavioral task
behavioral1
Sample
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e
-
Size
287KB
-
MD5
d2cbd8ad666ff7e64edf14c4a39f2126
-
SHA1
51f0602c5be27694cc4d42c1fd1685e54a1a49ed
-
SHA256
3b909b27287612a90b076b03f11075cdf5b33ec85b8475d7c8491bbda29ef91e
-
SHA512
7014352635802a3d7284f1c5c8b9de104b4d2875d9e9ab37c497eb20fd71e88cb172740cc5241bddfbef2f236e91fb4a1b61c1f7260cd7769abc7d1bd9b592c6
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-