neshta | a6dbf734e365972d5b7e27bdaf8a5ab473bbce095a76615514ef865d0d29fd81 | Triage

Submit
Reports

Overview

overview

Static

static

7c917a7aed...d3.exe

windows7-x64

7c917a7aed...d3.exe

windows10-2004-x64

1

Resubmissions

29-11-2024 09:10

241129-k5dlasxkds 10

30-12-2023 18:55

231230-xkwycsbfdm 10

Sharing

General

Target

7c917a7aed7ca918811fb658bd50b0d3.exe
Size

3.5MB
Sample

231230-xkwycsbfdm
MD5

7c917a7aed7ca918811fb658bd50b0d3
SHA1

084ce953cbdc86f1b065e306a5d07bc06cfd1de9
SHA256

a6dbf734e365972d5b7e27bdaf8a5ab473bbce095a76615514ef865d0d29fd81
SHA512

d159d03454ceefc17378a6e61ff7e4a483d56cf457b5767805d61d48d33606f9839af5b5ce7afedbd30363acf3253793be30bfcb017a301e533c5e76c2753321
SSDEEP

98304:Gnsmtk2azmtk2a7mtk2aZnJOIAcUjeCBQRqTnFn9:4LbD6m/Z9

Score

10^/10

neshta persistence spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

7c917a7aed7ca918811fb658bd50b0d3.exe

Resource

win7-20231215-en

neshta persistence spyware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c917a7aed7ca918811fb658bd50b0d3.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  7c917a7aed7ca918811fb658bd50b0d3.exe
- Size
  
  3.5MB
- MD5
  
  7c917a7aed7ca918811fb658bd50b0d3
- SHA1
  
  084ce953cbdc86f1b065e306a5d07bc06cfd1de9
- SHA256
  
  a6dbf734e365972d5b7e27bdaf8a5ab473bbce095a76615514ef865d0d29fd81
- SHA512
  
  d159d03454ceefc17378a6e61ff7e4a483d56cf457b5767805d61d48d33606f9839af5b5ce7afedbd30363acf3253793be30bfcb017a301e533c5e76c2753321
- SSDEEP
  
  98304:Gnsmtk2azmtk2a7mtk2aZnJOIAcUjeCBQRqTnFn9:4LbD6m/Z9
Score

10^/10

neshta persistence spyware
- Detect Neshta payload
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neshtapersistencespyware

behavioral2

© 2018-2025

Terms | Privacy