General
-
Target
Spotify ProxyLess Brute Checker By ACTEAM V2.exe
-
Size
3.4MB
-
Sample
221001-j3evxaggbn
-
MD5
0f54fdb60f126275dda468d137602e4f
-
SHA1
5df5e97f70e872aca0461881771ecc1e0be2365f
-
SHA256
acb9908a7cc8bc74176e39325e713a8640b0888ce70c2a99a1b92013a6d326dc
-
SHA512
0dd51d3973282ccf6af897b4c967e5dfe2285628c6213ef991af39cf3af75ecbba7d4cbb673f1aab01627b3376076befcaa06e87195c61d66f861c57bd14edc8
-
SSDEEP
49152:d0+EzLwW1T+Q0YjtwInMkQ8NlaVeuHFe4HzeHG:d0+Ev1TOYBwCGxHzem
Behavioral task
behavioral1
Sample
Spotify ProxyLess Brute Checker By ACTEAM V2.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Spotify ProxyLess Brute Checker By ACTEAM V2.exe
Resource
win10-20220901-en
Behavioral task
behavioral3
Sample
Spotify ProxyLess Brute Checker By ACTEAM V2.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
Spotify ProxyLess Brute Checker By ACTEAM V2.exe
-
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-