General
-
Target
BlitzedGrabberV12.exe
-
Size
1.7MB
-
Sample
230309-apf2dagf8w
-
MD5
d9b83c99818f7f4c02a42008eeecd9d8
-
SHA1
d574c658c7f22a0684610d65866beb563a42151a
-
SHA256
542918b6def9c9ecd21dfc946545f44ee928f02be33efc0fec2d028d4341d41e
-
SHA512
2e641b7e5978f53a2609dfdb129801098966de8f868511fa77e29cd87816590ef75652beb992b8063958ce27a890f0dedd96340e1b7e8443edebe071f6c1b8a2
-
SSDEEP
24576:+xAskWeOT4n5lLHxnpL2Q/NLmKgDJ68p4C8BsePDigEoXh7O83igweBAWgtd:2AznU4n9t2ELj18p4BDifoM83ig9Apv
Behavioral task
behavioral1
Sample
BlitzedGrabberV12.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
BlitzedGrabberV12.exe
-
Size
1.7MB
-
MD5
d9b83c99818f7f4c02a42008eeecd9d8
-
SHA1
d574c658c7f22a0684610d65866beb563a42151a
-
SHA256
542918b6def9c9ecd21dfc946545f44ee928f02be33efc0fec2d028d4341d41e
-
SHA512
2e641b7e5978f53a2609dfdb129801098966de8f868511fa77e29cd87816590ef75652beb992b8063958ce27a890f0dedd96340e1b7e8443edebe071f6c1b8a2
-
SSDEEP
24576:+xAskWeOT4n5lLHxnpL2Q/NLmKgDJ68p4C8BsePDigEoXh7O83igweBAWgtd:2AznU4n9t2ELj18p4BDifoM83ig9Apv
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-