General
-
Target
c33a5fa124b443346a457a01b042b232413b1bc3244d808613e58c449515977f
-
Size
381KB
-
Sample
221202-hl4x2acg26
-
MD5
571266b4ed8fc6864696ab81e7bc5b52
-
SHA1
e33ba6ed7b6fb229f15c0acb37a3e8b0ac9883e4
-
SHA256
c33a5fa124b443346a457a01b042b232413b1bc3244d808613e58c449515977f
-
SHA512
e25c34598bfa02ca47aa6e6f39e6d2f3470d7c2e31620fc03469ed71f951fcb42c0697c6ad23ec952852f0361c5ab153c30d42ada6290e3adf5f400eba8bf3ba
-
SSDEEP
6144:k9fREcMZ5vVCiiKrao9afJu3YYtWGaVoRiS6hxH5AgPaxe9:WuvVCiisao9Ii3aViKHy
Behavioral task
behavioral1
Sample
c33a5fa124b443346a457a01b042b232413b1bc3244d808613e58c449515977f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c33a5fa124b443346a457a01b042b232413b1bc3244d808613e58c449515977f.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to insert itself into other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL