General
-
Target
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b
-
Size
125KB
-
Sample
221129-jx8wssah59
-
MD5
4b3e638a667b4085eb4b17f1e7809860
-
SHA1
2b8a44fd5a2ce6f7e16c9b3868ee566c507bbf13
-
SHA256
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b
-
SHA512
84dc7852bc95359bde80b59bef78f17ab5be499836286a71f51f66c1387f377c8590a1ff9aa950efd12c30a932c4567bdae667b3900da8bdfd5fdfbda0a49657
-
SSDEEP
3072:sr85CLDEdhEOUimhWbqAjDpnO9BtTVQwvjc:k9cdiOUigc
Behavioral task
behavioral1
Sample
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b
-
Size
125KB
-
MD5
4b3e638a667b4085eb4b17f1e7809860
-
SHA1
2b8a44fd5a2ce6f7e16c9b3868ee566c507bbf13
-
SHA256
df101ed49dc70421e84a6e6e90336e1a5202c8fd698ac80af2a24667b6614b6b
-
SHA512
84dc7852bc95359bde80b59bef78f17ab5be499836286a71f51f66c1387f377c8590a1ff9aa950efd12c30a932c4567bdae667b3900da8bdfd5fdfbda0a49657
-
SSDEEP
3072:sr85CLDEdhEOUimhWbqAjDpnO9BtTVQwvjc:k9cdiOUigc
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-