General
-
Target
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514
-
Size
261KB
-
Sample
221125-wswf5adh67
-
MD5
0063bb0a460508738af4af2f11fdf880
-
SHA1
9b3a753a220d631c3333fefcf63ef8ffe8b29edd
-
SHA256
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514
-
SHA512
0c82c75d4f1def4deaa6ff8ef3fc44b217070b4daa616999f06928c2678fb95f04a4a4119148fa4408ad5d25b2d9b8d9df9af85787cac4504b9472a1db6e78e6
-
SSDEEP
6144:k9Lrgq6hbWjq/zbu6OKdCQ3mkxxNc56ud8csg06n21XDalEdi:SrCNvoB2zudA/GWdi
Behavioral task
behavioral1
Sample
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514
-
Size
261KB
-
MD5
0063bb0a460508738af4af2f11fdf880
-
SHA1
9b3a753a220d631c3333fefcf63ef8ffe8b29edd
-
SHA256
a91e0748bb3c181f28348d4bdd05d7791d3dc3ecd08948d327214ca98317f514
-
SHA512
0c82c75d4f1def4deaa6ff8ef3fc44b217070b4daa616999f06928c2678fb95f04a4a4119148fa4408ad5d25b2d9b8d9df9af85787cac4504b9472a1db6e78e6
-
SSDEEP
6144:k9Lrgq6hbWjq/zbu6OKdCQ3mkxxNc56ud8csg06n21XDalEdi:SrCNvoB2zudA/GWdi
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-