General
-
Target
ceb71afd28d54749a038387e2c9c4d189b0e2878428e6f62a20c34e8be701594
-
Size
4.2MB
-
Sample
220524-rfaaxahcer
-
MD5
e1e261cf3c2c0b128cab982171468b74
-
SHA1
ee721c539932808cb3e4691ae94c6fd27ab9e53d
-
SHA256
ceb71afd28d54749a038387e2c9c4d189b0e2878428e6f62a20c34e8be701594
-
SHA512
020f39f242e148540e20c25fcdf1dc52a0a112252262a14f6028f51ed174a7bf66480c8c99cafb8feea8c096dbfe8e5f95121cadbb0264133cd95ef033b9c6b3
Malware Config
Targets
-
-
Target
ceb71afd28d54749a038387e2c9c4d189b0e2878428e6f62a20c34e8be701594
-
Size
4.2MB
-
MD5
e1e261cf3c2c0b128cab982171468b74
-
SHA1
ee721c539932808cb3e4691ae94c6fd27ab9e53d
-
SHA256
ceb71afd28d54749a038387e2c9c4d189b0e2878428e6f62a20c34e8be701594
-
SHA512
020f39f242e148540e20c25fcdf1dc52a0a112252262a14f6028f51ed174a7bf66480c8c99cafb8feea8c096dbfe8e5f95121cadbb0264133cd95ef033b9c6b3
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-