General
-
Target
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a
-
Size
1.8MB
-
Sample
221125-wtfr3aea26
-
MD5
1a7cbe94061cc21cfae2748d19590426
-
SHA1
3b85b94a1f3425d830047d551334b52451d17063
-
SHA256
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a
-
SHA512
92658e6c83b1a01d7b72c1231644788117a0901f55538f61085f2595a12ef19883bb305eca7294b067d2c79c86677469b0bd16de9170bc26f5381a09ee607ab9
-
SSDEEP
24576:+LPFLP8SHBKpXlRnxliRUHa9HFXZhHMLY+NxQzFd3msSUKieLP1:+L9L0S8pVRNYp2LxHQzFd3g5Ld
Behavioral task
behavioral1
Sample
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a
-
Size
1.8MB
-
MD5
1a7cbe94061cc21cfae2748d19590426
-
SHA1
3b85b94a1f3425d830047d551334b52451d17063
-
SHA256
1955ed9b778e0217c2288e6bceb5db82bb86807c2e0558ecff888a5aad55637a
-
SHA512
92658e6c83b1a01d7b72c1231644788117a0901f55538f61085f2595a12ef19883bb305eca7294b067d2c79c86677469b0bd16de9170bc26f5381a09ee607ab9
-
SSDEEP
24576:+LPFLP8SHBKpXlRnxliRUHa9HFXZhHMLY+NxQzFd3msSUKieLP1:+L9L0S8pVRNYp2LxHQzFd3g5Ld
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-