General
-
Target
168e89857f9aabb19de0c89aa7a961d22a15574f58e8a0e46090963482bc57a6
-
Size
4.6MB
-
Sample
220630-3msxdacedr
-
MD5
e60c69bcff750e837526d0763d50344b
-
SHA1
7d3a15333c75990ea48dc678c646a970d84c5fd0
-
SHA256
168e89857f9aabb19de0c89aa7a961d22a15574f58e8a0e46090963482bc57a6
-
SHA512
a16edc17d8deb3fa0301d70875612282beb692054d69be3ad6cf7c3d6aa944f4eb471e76e12ca3de8e2b2d730c87600e40196585483f7b642283e77a27c90ae7
Static task
static1
Behavioral task
behavioral1
Sample
168e89857f9aabb19de0c89aa7a961d22a15574f58e8a0e46090963482bc57a6.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Detect Neshta Payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
XMRig Miner Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-