General
-
Target
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50
-
Size
85KB
-
Sample
221121-ng2vrsgd27
-
MD5
10f9b917dc0b149b7abaea6b79681365
-
SHA1
b17b86ff35f928ddb382e61610756662a49375de
-
SHA256
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50
-
SHA512
1756f6f116dc6adc9232202b0138eea81fc88a06c0001a349ebfae98bd15e73c5101f5ee909c8dc242fc6ca00feb8c1de3e9b4b6047b2634aa8e79acf8e538a8
-
SSDEEP
1536:JxqjQ+P04wsmJC4BFrbrmizsx/NrLKRIu:sr85C4bNm/Niyu
Behavioral task
behavioral1
Sample
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50
-
Size
85KB
-
MD5
10f9b917dc0b149b7abaea6b79681365
-
SHA1
b17b86ff35f928ddb382e61610756662a49375de
-
SHA256
fe6959b66015631f2ae51c4864112184f6d4def06217da4dc0d0ffc90240de50
-
SHA512
1756f6f116dc6adc9232202b0138eea81fc88a06c0001a349ebfae98bd15e73c5101f5ee909c8dc242fc6ca00feb8c1de3e9b4b6047b2634aa8e79acf8e538a8
-
SSDEEP
1536:JxqjQ+P04wsmJC4BFrbrmizsx/NrLKRIu:sr85C4bNm/Niyu
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-