General
-
Target
a60fe14bcfdede39cd4b1624cbcc156a8d35df6bd886a84b240920fdf991691d
-
Size
308KB
-
Sample
221128-rebscahd87
-
MD5
b481630bd676982d576d7e48942c000c
-
SHA1
d4c9d04b05cce406bdd2ac32f5907c8fb07c8729
-
SHA256
a60fe14bcfdede39cd4b1624cbcc156a8d35df6bd886a84b240920fdf991691d
-
SHA512
0d1b16558322c7925e4a02ea14d0e2dd155676e38ea57eb8011db393a39e16cd6f7b2d42aa799521004d84ca2fb1550d4822fc22faafa77b869fbc3a38098816
-
SSDEEP
6144:k9csUgMy2oA0Rn0/RHiygLMEqpbHhfJ1kX5NuB6nu/Q9Ao:P9E+/RHiygL+pbBfJ1kXDuRoSo
Behavioral task
behavioral1
Sample
a60fe14bcfdede39cd4b1624cbcc156a8d35df6bd886a84b240920fdf991691d.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application