General
Target: 131a8658fcc8d502f8ea7fb3176c98a8223a8556303d60ddccf28e2384f688d0
Size: 3.2MB
Sample: 220603-qn1mdsbedj
MD5: 3365574d049e43c6e6384ce17744b65e
SHA1: 165ee631644c794611a6818b15c87e9bba3c4e03
SHA256: 131a8658fcc8d502f8ea7fb3176c98a8223a8556303d60ddccf28e2384f688d0
SHA512: c63c93c38de91b4bcf66668d2995720781f41d81d95b16cb2ef859dc78d4973db90d582590cfadb53faaffcd19bc3d467c3baa9cd11fcabfa805e44033e4efc5
Behavioral task: behavioral1
Sample: 131a8658fcc8d502f8ea7fb3176c98a8223a8556303d60ddccf28e2384f688d0.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 131a8658fcc8d502f8ea7fb3176c98a8223a8556303d60ddccf28e2384f688d0.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 131a8658fcc8d502f8ea7fb3176c98a8223a8556303d60ddccf28e2384f688d0
Score: 10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-