General
Target: efa476e88b1132b3624b4a6f46ee216eb0af08068fa904d51ccee94861ef6e57
Size: 343KB
Sample: 220524-s3thqsbheq
MD5: e30a2b6390e4d88e41e986ccf1fdd1ff
SHA1: f6cba6a86bd60cd48ee30779dc54b12b379862b0
SHA256: efa476e88b1132b3624b4a6f46ee216eb0af08068fa904d51ccee94861ef6e57
SHA512: 44c5282ed5194b0afc4d8775c8c23fb08827a7e5372399a5cdc0c76db6c31e648addfeaa01e46f846ab8a7c00f96b2f52471babae19c43a9f6232c1a95014f39
Static task: static1
Behavioral task: behavioral1
Sample: efa476e88b1132b3624b4a6f46ee216eb0af08068fa904d51ccee94861ef6e57.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: efa476e88b1132b3624b4a6f46ee216eb0af08068fa904d51ccee94861ef6e57.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: efa476e88b1132b3624b4a6f46ee216eb0af08068fa904d51ccee94861ef6e57
Score: 10/10
Modifies system executable filetype association

Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL