General
-
Target
ddfdca0ef3f888d249577b12fe17fb6f71a3bf8d1b5b27273d9a805d148f29c8
-
Size
118KB
-
Sample
221130-at3e6sfe7w
-
MD5
aeee9631931721502c86ee97653b5212
-
SHA1
01f9aeb5228f23d6e3a00fe68f0471690969a470
-
SHA256
ddfdca0ef3f888d249577b12fe17fb6f71a3bf8d1b5b27273d9a805d148f29c8
-
SHA512
8c12b3789bad67057d49b3e0de8db1e659939023f8db034398221df8290d3299c2b64616a68b8b42d0807f005dbc77f457773da2be6969743cb2946f79e94321
-
SSDEEP
3072:sr85CKzyRAosBTg9UojM1Wc/nbeASSc6z+dca:k9KzyqoN9jM0iTWhdca
Behavioral task
behavioral1
Sample
ddfdca0ef3f888d249577b12fe17fb6f71a3bf8d1b5b27273d9a805d148f29c8.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ddfdca0ef3f888d249577b12fe17fb6f71a3bf8d1b5b27273d9a805d148f29c8.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
ddfdca0ef3f888d249577b12fe17fb6f71a3bf8d1b5b27273d9a805d148f29c8
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-