General
-
Target
2ab785d0be03a078986d530f37262a522931628c36405c46674e9582790ad55b
-
Size
500KB
-
Sample
221121-ngzemsgd25
-
MD5
319914a647705ab10ff50ca0f96f5540
-
SHA1
8ca527104c1c099529e2f3a77bde86889c85d424
-
SHA256
2ab785d0be03a078986d530f37262a522931628c36405c46674e9582790ad55b
-
SHA512
6009c0a06224db8b0376f938c9948f99a1cbed31c772e91680ea0172dab265beadbd858ae8a8a1fb49ef63135c819c127ef41d117c1b71312b0d0a33d5f3a43e
-
SSDEEP
12288:XmKvrhgYxoMNmKqVaWWwOFTJwdgJoIs9ga:W4mKnmKCSTedJga
Static task
static1
Behavioral task
behavioral1
Sample
2ab785d0be03a078986d530f37262a522931628c36405c46674e9582790ad55b.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2ab785d0be03a078986d530f37262a522931628c36405c46674e9582790ad55b.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
2ab785d0be03a078986d530f37262a522931628c36405c46674e9582790ad55b
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-