General
-
Target
683f425d67f75285de211d6f84a1b330330b7140123109643fbb969b960c92d5
-
Size
559KB
-
Sample
221202-r2w2ssbf8z
-
MD5
077427eaec9bf0cd41247d5a8ffd5f21
-
SHA1
53c931156686c316c3fe733c660650ca39506601
-
SHA256
683f425d67f75285de211d6f84a1b330330b7140123109643fbb969b960c92d5
-
SHA512
c36c8a5da91f2e3cf8dacc08c1a20594e10e4a086cba79c86a6b54711dcdc094285e22370e224b596ca77b023e7a442de58e80f43e5eafb2db2833cec6313913
-
SSDEEP
12288:/JfNhckgQqKprF3MHlEEFxyA3FM1dtS2VzYKj86sbyS7Km3xqLr:/ZJNlF3MFDf5FMTtLpYOkP7RMn
Behavioral task
behavioral1
Sample
683f425d67f75285de211d6f84a1b330330b7140123109643fbb969b960c92d5.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
683f425d67f75285de211d6f84a1b330330b7140123109643fbb969b960c92d5.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-