Overview

overview

10

Static

static

10

368afc1bba...b3.exe

windows7_x64

10

368afc1bba...b3.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    368afc1bbabcd34ac619f7176e1c2b112dca2adbc601c71321420978862d8db3

  • Size

    775KB

  • Sample

    220524-tardcageg9

  • MD5

    47bed56b822fe83f5f3e37405742c110

  • SHA1

    0c1780b9467623b297ff1dbe54c8563ef3dc7960

  • SHA256

    368afc1bbabcd34ac619f7176e1c2b112dca2adbc601c71321420978862d8db3

  • SHA512

    19b7dea7564b52404c9c4053f7b7d094e82362ea4528db3d9221c6ba89278f8c2812469ef17bd83dcbb9eb7961bd0443e0c37bbc4862aa3943f5cf2131bab7a1

Score
10/10
neshtapersistencespyware

Malware Config

Targets

    • Target

      368afc1bbabcd34ac619f7176e1c2b112dca2adbc601c71321420978862d8db3

    • Size

      775KB

    • MD5

      47bed56b822fe83f5f3e37405742c110

    • SHA1

      0c1780b9467623b297ff1dbe54c8563ef3dc7960

    • SHA256

      368afc1bbabcd34ac619f7176e1c2b112dca2adbc601c71321420978862d8db3

    • SHA512

      19b7dea7564b52404c9c4053f7b7d094e82362ea4528db3d9221c6ba89278f8c2812469ef17bd83dcbb9eb7961bd0443e0c37bbc4862aa3943f5cf2131bab7a1

    Score
    10/10
    neshtapersistencespyware

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks