General
-
Target
24ed76901c763ac9c7d9d36b87aa9a08d73cfcdb927c2ea8351a0cabf348b5cf
-
Size
156KB
-
Sample
221002-fn7qlahff8
-
MD5
6435bdd83efce1b89f2995938041ff40
-
SHA1
0c64d1f6d1793c2cb3ceb9e20813b0c80658faa1
-
SHA256
24ed76901c763ac9c7d9d36b87aa9a08d73cfcdb927c2ea8351a0cabf348b5cf
-
SHA512
22033f5b00dc0d30d987e8e27baefcd772efb32b4945971d1fd58976b1867b75b5eab69e9f814bb59311b7447aa21c42ec5c1f0893cd58d2f0779d247c318090
-
SSDEEP
3072:sr85CkksPi1pVARlzldese92Z4xULa1jshZpwD:k9kVPi1glVLMohZ
Behavioral task
behavioral1
Sample
24ed76901c763ac9c7d9d36b87aa9a08d73cfcdb927c2ea8351a0cabf348b5cf.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
24ed76901c763ac9c7d9d36b87aa9a08d73cfcdb927c2ea8351a0cabf348b5cf.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
sality
Targets
-
-
Target
24ed76901c763ac9c7d9d36b87aa9a08d73cfcdb927c2ea8351a0cabf348b5cf
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-