General
-
Target
c30f1695fec5a70fa7137cb8b9883bc5b486edd2bb58267a2646d6ea8b22ef31
-
Size
1.5MB
-
Sample
221121-ngrd2agc99
-
MD5
0a9b435e956bfdde213943ece43e96e0
-
SHA1
6103632e4984d40d37fb663fd813275afbd62871
-
SHA256
c30f1695fec5a70fa7137cb8b9883bc5b486edd2bb58267a2646d6ea8b22ef31
-
SHA512
25a192a992b2d81f10ae8349dd6abd8fbc6ce88ef95f813fbb8309ef68e1a47412ac6f3b192a29f910756210358084e50dbebf0912c04b8eee2392c685ecd534
-
SSDEEP
24576:x0fTYgB8JTFhrylf/gv/iqWL6xTuH84z+i7vzCTogVbPmcC:x0fTxB8JTFhIgv/isxTuHJCTog1mcC
Static task
static1
Behavioral task
behavioral1
Sample
c30f1695fec5a70fa7137cb8b9883bc5b486edd2bb58267a2646d6ea8b22ef31.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c30f1695fec5a70fa7137cb8b9883bc5b486edd2bb58267a2646d6ea8b22ef31.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
c30f1695fec5a70fa7137cb8b9883bc5b486edd2bb58267a2646d6ea8b22ef31
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Executes dropped EXE
-
Registers COM server for autorun
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-