Resubmissions
29-12-2022 04:20
221229-eyjk3scc89 1003-12-2022 20:59
221203-zs4z2sec45 1027-11-2022 10:11
221127-l798qahd89 1026-11-2022 11:26
221126-njy7naea9t 1026-11-2022 11:26
221126-njvjgaea8y 1026-11-2022 11:25
221126-njsd4sbb98 1026-11-2022 11:25
221126-njj3qsbb88 1026-11-2022 11:22
221126-ng1byaea3x 1026-11-2022 11:17
221126-ndsgxsdg9y 10General
-
Target
af95f41f73e451c4d1f5fd8acdd0c863.exe
-
Size
1.1MB
-
Sample
221203-zs4z2sec45
-
MD5
af95f41f73e451c4d1f5fd8acdd0c863
-
SHA1
55c03b064063d15af1eb9bdb766bd90ec9b6f8c4
-
SHA256
2bf85967fb9126459be466a7ecbdbaa32bd1ec69e6cbee24a295852fff807b05
-
SHA512
f50d479038f16a60b0ef4f8670d0dcbf7016c96ef12fae08bc9448fed2d61a679844815c48c2b1a65464ba71c006d9ae63c2baf47c7ee3398323ed3077a31bb3
-
SSDEEP
24576:mRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:gJzdnm4lT8Q1r0pieR7H
Malware Config
Targets
-
-
Target
af95f41f73e451c4d1f5fd8acdd0c863.exe
-
Size
1.1MB
-
MD5
af95f41f73e451c4d1f5fd8acdd0c863
-
SHA1
55c03b064063d15af1eb9bdb766bd90ec9b6f8c4
-
SHA256
2bf85967fb9126459be466a7ecbdbaa32bd1ec69e6cbee24a295852fff807b05
-
SHA512
f50d479038f16a60b0ef4f8670d0dcbf7016c96ef12fae08bc9448fed2d61a679844815c48c2b1a65464ba71c006d9ae63c2baf47c7ee3398323ed3077a31bb3
-
SSDEEP
24576:mRBrzwX0YmJI8DRnCD4jtnT8Q1r0ly78ipwR7H:gJzdnm4lT8Q1r0pieR7H
-
Detect Neshta payload
-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
XMRig Miner payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-