General
-
Target
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe
-
Size
871KB
-
Sample
221001-wjvs8sheb8
-
MD5
743f9d12268b032178bf84da71e5b540
-
SHA1
205f65c40d81c4f21f3b8815301b8e159e33d7a4
-
SHA256
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe
-
SHA512
14c5488bcbb0f4d93d8a947581ea1d4329d1fd069dfddba8fb658b7079c8bfc94ff8b15d7096d7e2fd9c4c2437e258480dd0c732d1dfc2d43368e09012b967ff
-
SSDEEP
12288:nKjZA27e8blyJx/QljSIO6duGgeV28xLZi8dywvP5XuyH/3jOIwI3:Kj26hyJxS+Ize4xti83u+TOIwI3
Behavioral task
behavioral1
Sample
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe
-
Size
871KB
-
MD5
743f9d12268b032178bf84da71e5b540
-
SHA1
205f65c40d81c4f21f3b8815301b8e159e33d7a4
-
SHA256
dcfa2dc958efab924a16785ab725aa25ae4ae8f322cf37199455cdb1892817fe
-
SHA512
14c5488bcbb0f4d93d8a947581ea1d4329d1fd069dfddba8fb658b7079c8bfc94ff8b15d7096d7e2fd9c4c2437e258480dd0c732d1dfc2d43368e09012b967ff
-
SSDEEP
12288:nKjZA27e8blyJx/QljSIO6duGgeV28xLZi8dywvP5XuyH/3jOIwI3:Kj26hyJxS+Ize4xti83u+TOIwI3
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-