General
-
Target
fc766c0232047ebddbd7368a3f6f45a9f49fd955b4278efd17c9ccd7de0a4e5e
-
Size
585KB
-
Sample
221123-1c777saa6t
-
MD5
56c44a91fe7f49e34b5cbaf49bfd8cc6
-
SHA1
3ba26ecca8b59d065400b60e39f32d04b63212fd
-
SHA256
fc766c0232047ebddbd7368a3f6f45a9f49fd955b4278efd17c9ccd7de0a4e5e
-
SHA512
5ef1d05d9d3190904aee533dd02eb794b39eb6032459dd659cf1d54921ef3bb2cf85970cdd48849403e014e72c05aacabf054f57d47e328a3c3f137c917146f6
-
SSDEEP
12288:/EnU4T/vjL0IzZ9K4SfBUOUymZw1ZeDoLqoLG:snU4TDL0IN9KZpbnf0lL
Behavioral task
behavioral1
Sample
fc766c0232047ebddbd7368a3f6f45a9f49fd955b4278efd17c9ccd7de0a4e5e.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
fc766c0232047ebddbd7368a3f6f45a9f49fd955b4278efd17c9ccd7de0a4e5e.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
fc766c0232047ebddbd7368a3f6f45a9f49fd955b4278efd17c9ccd7de0a4e5e
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-