General
Target: 6319f48483e5d3ad1acb1efda81d0f6b30ff528b9eee623e8f3a0f8fc5bd321d
Size: 536KB
Sample: 221129-jyq3daah86
MD5: 3e34aa903d09bd824af20d8e7d16248d
SHA1: c17b17c0dad5afb6a2b2348be4db53fea5ff030c
SHA256: 6319f48483e5d3ad1acb1efda81d0f6b30ff528b9eee623e8f3a0f8fc5bd321d
SHA512: fc0805c32d381f4ec0434443f44ac5ace557f96099dabc0c35cc16d21b0daf5665ba058019101eb8adfe4d769d3a3318c971e4b171a740eb533dfd9498e55d4d
SSDEEP: 6144:k999eCEB+d9EItun+X461zhWVVDYrEfrzZOIvQoAdOoW1QHYdEPRdWtoyBu99:c5EganW4/Lrzzyp4dEPR0oyB
Behavioral task: behavioral1
Sample: 6319f48483e5d3ad1acb1efda81d0f6b30ff528b9eee623e8f3a0f8fc5bd321d.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 6319f48483e5d3ad1acb1efda81d0f6b30ff528b9eee623e8f3a0f8fc5bd321d.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 6319f48483e5d3ad1acb1efda81d0f6b30ff528b9eee623e8f3a0f8fc5bd321d
Score: 10/10

Detect Neshta payload

Modifies system executable filetype association

Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL