General
-
Target
816804a1bc504b480d67b0471048f6af37eb4ed66942e736dffd62d4ee478ba9
-
Size
258KB
-
Sample
221202-r2p89aga69
-
MD5
4f0b50784beb9a1dd506b2bd8dada113
-
SHA1
51234eafca02247fef4115a1a6fef369bc872ebb
-
SHA256
816804a1bc504b480d67b0471048f6af37eb4ed66942e736dffd62d4ee478ba9
-
SHA512
ed8dd0f77c5e96c4d42aa15481250a710f430f006b7980ef6b2437fcf94503aeaa40e4bf34fc81e53cfbd79465ce41468bc8060af564a2dbb45744ae39d34258
-
SSDEEP
6144:k95xk7oooo1C6wmAp7d3rqC90zQyVc6eON2cVm:6xk7Xozo++5zD9eON2co
Behavioral task
behavioral1
Sample
816804a1bc504b480d67b0471048f6af37eb4ed66942e736dffd62d4ee478ba9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
816804a1bc504b480d67b0471048f6af37eb4ed66942e736dffd62d4ee478ba9.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
816804a1bc504b480d67b0471048f6af37eb4ed66942e736dffd62d4ee478ba9
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-