General
-
Target
8181ee9f2f9dfbafca606440b9e0a141855d4951c76a4655762e804bd0305de3
-
Size
117KB
-
Sample
221202-r2pygsbf61
-
MD5
936db265d0cc43bb03032816789fcbf9
-
SHA1
5223a8bad8968d4ebebef23428f18223fdd38944
-
SHA256
8181ee9f2f9dfbafca606440b9e0a141855d4951c76a4655762e804bd0305de3
-
SHA512
48942b1d8edcb91cfc3383bcb18f08af6ebaa956dda58e076f9d5b5f03efae3e363a33fc7208a7b465e234fe7aae22a027402fe234f60750bc1564d226f84d7e
-
SSDEEP
1536:JxqjQ+P04wsmJC1I0fqQ5OGR4CaxWJJ0/bgBgvTh26QshXaE0g:sr85C1zfTOG0xgsb7d26QshX5
Behavioral task
behavioral1
Sample
8181ee9f2f9dfbafca606440b9e0a141855d4951c76a4655762e804bd0305de3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8181ee9f2f9dfbafca606440b9e0a141855d4951c76a4655762e804bd0305de3.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
8181ee9f2f9dfbafca606440b9e0a141855d4951c76a4655762e804bd0305de3
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-