General
-
Target
228797bb3c4120ea0133ed914a76d2f2b6479b488bfd576380654318ae9f5fbe
-
Size
504KB
-
Sample
221002-fpaggshfg3
-
MD5
642b2f6674c46d5b6a26b157af24c850
-
SHA1
0a8b5657647fb9c99b61a0898bd148ef7cfa90a8
-
SHA256
228797bb3c4120ea0133ed914a76d2f2b6479b488bfd576380654318ae9f5fbe
-
SHA512
d0b2f96248f33268f13791efa26349a1fc42a23be808e973d1410821ac13177c9a62405771613bc6e069053449483444ee34c1f1b048475ff4b2e1dca0298387
-
SSDEEP
12288:nbEvHJ3ChikGmBV2QhEipJ9jwoJbTqCk9Q1Tlu9IXpaE:nIveiKV2tCJJTq5O1eUpaE
Behavioral task
behavioral1
Sample
228797bb3c4120ea0133ed914a76d2f2b6479b488bfd576380654318ae9f5fbe.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
228797bb3c4120ea0133ed914a76d2f2b6479b488bfd576380654318ae9f5fbe.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
228797bb3c4120ea0133ed914a76d2f2b6479b488bfd576380654318ae9f5fbe
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Drops file in System32 directory
-