General
-
Target
LIZ.bin
-
Size
86KB
-
Sample
220623-xs7ptsegfl
-
MD5
208325c2e57a7d0c51d5b0ad2d7d8248
-
SHA1
2bfb81ff22483ddf16e0cd792f3cdc26799b0c3a
-
SHA256
fd8ecb99ecee0d54565a781a729ee7ad19203a5105820981d5e818c45d09f82f
-
SHA512
b8edb0a68dbc685a1b9bc99e83067fa6b69a0650decf1a189e405a61dc7fc192b36d2e6a51b7695069d3f31a794219a7816609ca6602c24e4d04cd3d699ceaa9
Static task
static1
Behavioral task
behavioral1
Sample
LIZ.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
LIZ.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
LIZ.bin
-
Size
86KB
-
MD5
208325c2e57a7d0c51d5b0ad2d7d8248
-
SHA1
2bfb81ff22483ddf16e0cd792f3cdc26799b0c3a
-
SHA256
fd8ecb99ecee0d54565a781a729ee7ad19203a5105820981d5e818c45d09f82f
-
SHA512
b8edb0a68dbc685a1b9bc99e83067fa6b69a0650decf1a189e405a61dc7fc192b36d2e6a51b7695069d3f31a794219a7816609ca6602c24e4d04cd3d699ceaa9
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-