General
Target: 15b50b46f2f9d3ce66c8903cb824bd761f420053b27878e5274091d94f33477c
Size: 601KB
Sample: 221014-f9ft1aaahm
MD5: 6f5cf6a91d5e6646fdf1a6653b8f2d20
SHA1: 375796e8858769812ed9ba79f386778016b1d32e
SHA256: 15b50b46f2f9d3ce66c8903cb824bd761f420053b27878e5274091d94f33477c
SHA512: 37304a28ee8542995f1e0cee9518654c781b36f127cc238db87370638623288dd8ad4d272ea147d6153a7cf5d305dacc3179237cb3e050a07fcfd46cfd1c82bd
SSDEEP: 12288:j9OczTX1g+ACjgJ5Q+ON9R4qeACjdXE1cVKB/5EJz6L/tIoTGgTV:RO2TlgLCI5LON9R4qXCd0mYESKoTGgTV
Behavioral task: behavioral1
Sample: 15b50b46f2f9d3ce66c8903cb824bd761f420053b27878e5274091d94f33477c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 15b50b46f2f9d3ce66c8903cb824bd761f420053b27878e5274091d94f33477c.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: aa116666
Targets
Target: 15b50b46f2f9d3ce66c8903cb824bd761f420053b27878e5274091d94f33477c
Score: 10/10
- Modifies system executable filetype association
- Neshta
  Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
- Nirsoft
- Executes dropped EXE
- Checks computer location settings
  Looks up the country code configured in the registry, likely for geofencing.
- Loads dropped DLL