General
-
Target
2af191a1f9deb3ceca961b61dc7b65a91d05f97a9a49a555ccbda19bef7c19a2
-
Size
376KB
-
Sample
221124-gzlsyadg35
-
MD5
083af8cf1a2c756d15bb432b2e32e174
-
SHA1
ee0d74aa436d228cd2e2d9c77f15bd43b28e4bc4
-
SHA256
2af191a1f9deb3ceca961b61dc7b65a91d05f97a9a49a555ccbda19bef7c19a2
-
SHA512
a2e5c961dc6b65264c05f98c88f0152926c4091194e700465dbb254b919b0a73249ae44bf875ba1a8e36ed62fa34efca1844378c06dfdb9c395bda496b3015d1
-
SSDEEP
6144:k94fEDUdt9eQn5r75fJ7RmGHFuxRHUQjf8XFq2mLEXzo+jMd:jf9dt9eQn9HL8R00WFq5P3
Behavioral task
behavioral1
Sample
2af191a1f9deb3ceca961b61dc7b65a91d05f97a9a49a555ccbda19bef7c19a2.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2af191a1f9deb3ceca961b61dc7b65a91d05f97a9a49a555ccbda19bef7c19a2.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
2af191a1f9deb3ceca961b61dc7b65a91d05f97a9a49a555ccbda19bef7c19a2
-
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-