General
-
Target
5fbc1b2bd95bdfdd9f39c45bb22c00a797cf569998e3fa751d17c1341b35cd4b
-
Size
465KB
-
Sample
220524-va7k1aaac5
-
MD5
edf84065e6dd8e15ad73589c3e415085
-
SHA1
091635d29a153990ff2673724ad92052e9e63482
-
SHA256
5fbc1b2bd95bdfdd9f39c45bb22c00a797cf569998e3fa751d17c1341b35cd4b
-
SHA512
6cf4e0fd7c599f3354b993a2a41eae061f364937d1d1def7a24be5261838ec9aa6ea890c9c57c9b2d0450d1d8182651894a35a603cc99a9cbaba42a95d914aa3
Malware Config
Targets
-
-
Target
5fbc1b2bd95bdfdd9f39c45bb22c00a797cf569998e3fa751d17c1341b35cd4b
-
Size
465KB
-
MD5
edf84065e6dd8e15ad73589c3e415085
-
SHA1
091635d29a153990ff2673724ad92052e9e63482
-
SHA256
5fbc1b2bd95bdfdd9f39c45bb22c00a797cf569998e3fa751d17c1341b35cd4b
-
SHA512
6cf4e0fd7c599f3354b993a2a41eae061f364937d1d1def7a24be5261838ec9aa6ea890c9c57c9b2d0450d1d8182651894a35a603cc99a9cbaba42a95d914aa3
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-