General
-
Target
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d
-
Size
340KB
-
Sample
221202-r22maaga92
-
MD5
42aea131431fd7f6a33c3a105da8c150
-
SHA1
4b8248bbcbdcd6daafd62447c8904ec0d3812bb5
-
SHA256
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d
-
SHA512
c9da91a4549c0086bd1f96fe55450f851eb238c3a5b3b678c795cf84b9a9c55c537989d0f9c703be0edcd78d71096baa8cbb7c4fb65977d2e2a62519d1a58554
-
SSDEEP
6144:k9h6qCoGSbH33BVGxYxZFRhw0XZNQ5GHeMcXKKs+eV4z4wY4ZPg0EPGMgN/zx:2C/STh8xY3h3Jm5Gq6oeV44T4C0EPXgb
Behavioral task
behavioral1
Sample
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d
-
Size
340KB
-
MD5
42aea131431fd7f6a33c3a105da8c150
-
SHA1
4b8248bbcbdcd6daafd62447c8904ec0d3812bb5
-
SHA256
1e0e94d942640944f0495a497585e041e06fc9b48febee9a9e0617c34283a46d
-
SHA512
c9da91a4549c0086bd1f96fe55450f851eb238c3a5b3b678c795cf84b9a9c55c537989d0f9c703be0edcd78d71096baa8cbb7c4fb65977d2e2a62519d1a58554
-
SSDEEP
6144:k9h6qCoGSbH33BVGxYxZFRhw0XZNQ5GHeMcXKKs+eV4z4wY4ZPg0EPGMgN/zx:2C/STh8xY3h3Jm5Gq6oeV44T4C0EPXgb
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-