General
Target
76652bde52644dc333f1757ac6ff7728ba3c532d91b955b2616b742042a3e358
Size
159KB
Sample
221126-ym1j1adg8x
MD5
a9cea6e18056b719f92c03a9663c16a4
SHA1
b6e1871d502bc2bfd15e9194ac41e713c38855b6
SHA256
76652bde52644dc333f1757ac6ff7728ba3c532d91b955b2616b742042a3e358
SHA512
ec980c6d3b9f519fb7c0404c3e39e58a9a1877fc2df0cee0bf906ae8befe4b319c37e7e08f05d03dca2c7580bd7e1ce5f26b9bb5879f3de22acd4a59828ca81e
SSDEEP
3072:sr85CIPDmZ8tf05iW4u0fBbrWHzgjO/Zd1RV:k9IPDm+G5iWQfBb6HzgOjRV
Behavioral task
behavioral1
Sample
76652bde52644dc333f1757ac6ff7728ba3c532d91b955b2616b742042a3e358.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
76652bde52644dc333f1757ac6ff7728ba3c532d91b955b2616b742042a3e358.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
Detect Neshta payload
Modifies system executable filetype association
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL