General
-
Target
21d6003796aa289ed3f0697c4169e75ebd8cd6107d3b4c5ddf61cdc30d12b1cd
-
Size
608KB
-
Sample
220612-h4p7laffa9
-
MD5
98537eaadf7018f10f317af3ba619a0d
-
SHA1
1d1e202ad5b9d2be7433a0175797894adf66f0e3
-
SHA256
21d6003796aa289ed3f0697c4169e75ebd8cd6107d3b4c5ddf61cdc30d12b1cd
-
SHA512
0250116b236f55661a806b3fbee3bce27604df58ba6a8ce5b1c488245f68e83cdcff3bad8ff2db699a8dca8adbcc7080fc04aab1a6320a0d6edeecada59effba
Static task
static1
Behavioral task
behavioral1
Sample
21d6003796aa289ed3f0697c4169e75ebd8cd6107d3b4c5ddf61cdc30d12b1cd.exe
Resource
win7-20220414-en
Malware Config
Extracted
pony
http://www.aegoprojet.com/ymg/olamide/gate.php
-
payload_url
http://www.aegoprojet.com/ymg/olamide/shit.exe
Targets
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-