General
-
Target
tmp
-
Size
4.9MB
-
Sample
221017-fjtceaafh5
-
MD5
12c15e04eb20664510999cb2c66b1b30
-
SHA1
d50d81ea8880b816abb5723e1463f9a22e36c918
-
SHA256
2a5806d62f65a535d07c61f2617bce6e46e3dc8de7f0076a594c0570c1bd9835
-
SHA512
68c3afa9c071b4b2151c077cb97cd8753c8f08a5a82a3c6333b08504a02e3da6f12ebc5f2291ffce3230d5225ba239aa4911bb6fc6cf921e37f4cdcc3bff642b
-
SSDEEP
98304:zchPS0xpNqWt5EKHOPpCvoQGckG7gfDn5XTC4+wJsv6tWKFdu9CTvHUQxshY:U6RpKHzvoVckrDCnwJsv6tWKFdu9CTSq
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
tmp
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-