General
-
Target
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842
-
Size
1.0MB
-
Sample
221125-lvz7zsce5y
-
MD5
5a5af0498cf5b99be8c91a1b5d854fb1
-
SHA1
6fcb0512aa212fd1bb5072acd2a77138604fd180
-
SHA256
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842
-
SHA512
e6a627a663ec4188ec0e173b56a89ed8f4bea2505148cd85cc0e33b92508877323e618c7a78d7819c39d3089a9e1c78ea71aecd15ffdc2efa448a394f86bb64d
-
SSDEEP
24576:bS50o34eo3D55Qf/Ka5wjU+TUP2aWJIog8AdbTyvZFszh:k3gfQfj5a4K+DGBU
Behavioral task
behavioral1
Sample
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842
-
Size
1.0MB
-
MD5
5a5af0498cf5b99be8c91a1b5d854fb1
-
SHA1
6fcb0512aa212fd1bb5072acd2a77138604fd180
-
SHA256
5c332a1b85edf4695901dd73c42a94fe5262b0a64e392fd7af41f4e7dedc1842
-
SHA512
e6a627a663ec4188ec0e173b56a89ed8f4bea2505148cd85cc0e33b92508877323e618c7a78d7819c39d3089a9e1c78ea71aecd15ffdc2efa448a394f86bb64d
-
SSDEEP
24576:bS50o34eo3D55Qf/Ka5wjU+TUP2aWJIog8AdbTyvZFszh:k3gfQfj5a4K+DGBU
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops file in System32 directory
-