General
-
Target
c767020810b099c4ebb24220ab9a317b658a2f2a26be762d02a95a2efb7fc63a
-
Size
1.6MB
-
Sample
221128-lmhmzadc62
-
MD5
30cd1f10f393ce0355ab0272e6fe40c0
-
SHA1
ff02be22b87d48e1a9b5b3544fd249937c09665f
-
SHA256
c767020810b099c4ebb24220ab9a317b658a2f2a26be762d02a95a2efb7fc63a
-
SHA512
f43c54ee53310378d50e03b2a150ff3d06fabc8bd1993c63492f96026dfde6ed18b03c2f771b63dd57f9384d04fd72594fd0276c812b2e989d6f7a0f2525e457
-
SSDEEP
24576:Ftb20pkaCqT5TBWgNQ7aW5MB6dDVPHbZdR17P3e8W0A6A:2Vg5tQ7aW5RdVdpPu845
Malware Config
Targets
-
-
Target
c767020810b099c4ebb24220ab9a317b658a2f2a26be762d02a95a2efb7fc63a
-
Size
1.6MB
-
MD5
30cd1f10f393ce0355ab0272e6fe40c0
-
SHA1
ff02be22b87d48e1a9b5b3544fd249937c09665f
-
SHA256
c767020810b099c4ebb24220ab9a317b658a2f2a26be762d02a95a2efb7fc63a
-
SHA512
f43c54ee53310378d50e03b2a150ff3d06fabc8bd1993c63492f96026dfde6ed18b03c2f771b63dd57f9384d04fd72594fd0276c812b2e989d6f7a0f2525e457
-
SSDEEP
24576:Ftb20pkaCqT5TBWgNQ7aW5MB6dDVPHbZdR17P3e8W0A6A:2Vg5tQ7aW5RdVdpPu845
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-