General
-
Target
LAP092_2022-11-29_11_19_44.zip
-
Size
432KB
-
Sample
221129-xhydeaac6x
-
MD5
50357609903abe014936f7a6ff86b2cf
-
SHA1
142126e7c1c9f2231cae5b6a67cc06c8f7a4a238
-
SHA256
00d3cc629ebc21e73835d022cf107b53fcd97fb849cb8b616cb6c59ff61e50dc
-
SHA512
2cf459e27b3359922d26d3029b6e9c4491e5c4b0a0f3e29561e4b3175843df9f7af54c042a4b98aa240ab051e25a2341497db310e8746bfb34d2382be04800f3
-
SSDEEP
12288:f5HOfpTORPVkHQEOiKLPiE5f7Tr5QDeAwKLbcG:hepTORP0QEXKLPpRqX
Behavioral task
behavioral1
Sample
Device/HarddiskVolume4/Users/tim1k/AppData/Local/WebEx/WebEx64/Meetings/wbxreport.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume4/Users/tim1k/AppData/Local/WebEx/WebEx64/Meetings/wbxreport.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
Device/HarddiskVolume4/Users/tim1k/AppData/Local/WebEx/WebEx64/Meetings/wbxreport.exe
-
Size
2.5MB
-
MD5
01b891763adad5caaa8b5f25da141f92
-
SHA1
4586fc3c7ab0fa768fd8cd4d39c91e9fadb00735
-
SHA256
4d42f0af47dfbe2cb2cd5a36e0853a2e9abef4915a41a93cc1c1cf4e80a06eda
-
SHA512
82adf851965b063432788f308aec74e6c2f6a033eb90fc708956fead6ae11cc0e3cce07f0e7c86f60b87215fb322c3561272e3ae13be78939e85ef90d7729f6a
-
SSDEEP
12288:a7XSDM7lMqd1JbAiw9ng9kmY+xgDTkDnit9KbjgA:a7XSQ915cqkmmTkDn0A
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-