General
Target: dbfe97ff3dfd3889ca63c32b43dd67911e8706fe98f2c35f6cd342a70b24a0b2
Size: 916KB
Sample: 221129-jyaemaah65
MD5: 0e6eccc2cb4555748e5b1dec1ea8e0b0
SHA1: 3eba614e98ff631ecb30bcc1cc3cfe4824747dff
SHA256: dbfe97ff3dfd3889ca63c32b43dd67911e8706fe98f2c35f6cd342a70b24a0b2
SHA512: 75926bd3d19ef06f38581ad03a95eb99dfed1b0505484680abc633e36200e02bc8fb72bbe1caf4241446edd398650f0ad3a3ecc12b78e2758c29adc843703452
SSDEEP: 12288:aW6VgX0SyGUsp8Qd/zDdz+A+hi6+pE30vwmC46oSVISpn7awwgoSPpi6:a/lGl6Qp3R+hos4w74YGwJpi6
Behavioral task
Task: behavioral1
Sample: dbfe97ff3dfd3889ca63c32b43dd67911e8706fe98f2c35f6cd342a70b24a0b2.exe
Resource: win7-20220812-en
Malware Config
Targets
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
ACProtect 1.3x - 1.4x DLL software
Detects a file using ACProtect software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-