General
-
Target
e73a332118981d6b6ac09c9cdf0fb0012bb59772038361d5cff79aac26744b45
-
Size
600KB
-
Sample
220801-tgyq1addak
-
MD5
5bfabaaf40312a75808a1ba556dba0d7
-
SHA1
699ce914a4309743fd35a147e6f0bedb643b31d0
-
SHA256
e73a332118981d6b6ac09c9cdf0fb0012bb59772038361d5cff79aac26744b45
-
SHA512
f1d19952bf636703e6d50a2a35a2d44f608d06ed9abfe3bc2c6bc4a6950d8c974af81ad7cd5469ab53505717c0ba9aa6e9fac0599e44795f27af93ea49142f70
Behavioral task
behavioral1
Sample
e73a332118981d6b6ac09c9cdf0fb0012bb59772038361d5cff79aac26744b45.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
e73a332118981d6b6ac09c9cdf0fb0012bb59772038361d5cff79aac26744b45.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
e73a332118981d6b6ac09c9cdf0fb0012bb59772038361d5cff79aac26744b45
-
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-