General
-
Target
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52
-
Size
178KB
-
Sample
221129-jywmvsah93
-
MD5
e6b16e3deb1e7702e4f9c4ac143b4c43
-
SHA1
464c1e3b47c24a779a0c4b00bb8c4b0e63ee839f
-
SHA256
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52
-
SHA512
d658fe2154bf69af2bb3e4cbd61abbb195e5f789d004ee93e781e3d21a64c394e63d045be7f03d9bdd500e8838f66ebac7e5cb02a75e5dd128c3dccc4079a37b
-
SSDEEP
1536:JxqjQ+P04wsmJCiDRI2zoFmQDrA0qxs267MmgKIcBbOxqjQ+P04wsmJCoOxqjQ+9:sr85CipzoFm+M9sr85CKr85C
Behavioral task
behavioral1
Sample
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52
-
Size
178KB
-
MD5
e6b16e3deb1e7702e4f9c4ac143b4c43
-
SHA1
464c1e3b47c24a779a0c4b00bb8c4b0e63ee839f
-
SHA256
392ece1c10a31499588ce2557f3c601c44183cc3b23ab33e07fd26da9cfffb52
-
SHA512
d658fe2154bf69af2bb3e4cbd61abbb195e5f789d004ee93e781e3d21a64c394e63d045be7f03d9bdd500e8838f66ebac7e5cb02a75e5dd128c3dccc4079a37b
-
SSDEEP
1536:JxqjQ+P04wsmJCiDRI2zoFmQDrA0qxs267MmgKIcBbOxqjQ+P04wsmJCoOxqjQ+9:sr85CipzoFm+M9sr85CKr85C
Score10/10-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-