General
-
Target
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4
-
Size
1.1MB
-
Sample
220524-s7c2jsgdd2
-
MD5
3819a3c01e3c206888e4e8575ec1dba8
-
SHA1
f46fcf2b667384e8ee3f607f134cafd6ad74ef74
-
SHA256
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4
-
SHA512
5e2e7ec436c1d67e0050d8e6bbc001075d289b9dc65829bd122894e0204ae45bc711130f71f8b3e33b11b897d8e88af670dba643fe7c7f697010b98e37fdafb2
Static task
static1
Behavioral task
behavioral1
Sample
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4
-
Size
1.1MB
-
MD5
3819a3c01e3c206888e4e8575ec1dba8
-
SHA1
f46fcf2b667384e8ee3f607f134cafd6ad74ef74
-
SHA256
d8edea5e5351b2d98c588c4aa059283f75381c0c0707aba8776032d2c3441ef4
-
SHA512
5e2e7ec436c1d67e0050d8e6bbc001075d289b9dc65829bd122894e0204ae45bc711130f71f8b3e33b11b897d8e88af670dba643fe7c7f697010b98e37fdafb2
Score10/10-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-