General
-
Target
f6adf8932350281f08f2357eb2ed14d2e2ace877b33f8e1d521c9ab04f227643
-
Size
455KB
-
Sample
221125-z9rfaaga63
-
MD5
9b94fed379a1df2b83fdbef292a5c2ef
-
SHA1
6b6e18e90afaa434b7d8a5dbc27a187b71324180
-
SHA256
f6adf8932350281f08f2357eb2ed14d2e2ace877b33f8e1d521c9ab04f227643
-
SHA512
c5b4c1ab96ebebe32c9dd43a6832176b70ec0e3ee0c7cf6f78c55989e6be2648f21fa6b0af6db96e52b54c4fa7c1d86c65afc8c465e262496e5d7b731d349cdc
-
SSDEEP
12288:mU9sjjUzqAApXhTRhGgJpcmWnour2ub2IxyuK79+:pzKX9R8gJpcmqoDumuKI
Behavioral task
behavioral1
Sample
f6adf8932350281f08f2357eb2ed14d2e2ace877b33f8e1d521c9ab04f227643.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f6adf8932350281f08f2357eb2ed14d2e2ace877b33f8e1d521c9ab04f227643.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
f6adf8932350281f08f2357eb2ed14d2e2ace877b33f8e1d521c9ab04f227643
-
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-