General
-
Target
Order 24007219.exe
-
Size
774KB
-
Sample
240328-lsrstsfe38
-
MD5
e77f0d830d8353f748f97ea6c692b7f7
-
SHA1
7202eec3edccf41aa004e542c1956533b9ac8c01
-
SHA256
2c39793aee8f8966937d52468306f422151978e4b43d665a09f78e5c91fe5401
-
SHA512
1b6b658dc42a1ffa577ac03743394335128c76950294eece9f3d0465f23a1b85c2e2fcd09b19af59fdcb05f605f4db2f3d17e3dbbf6afb3b44863fdf6f05e961
-
SSDEEP
12288:2I0YOwqO8Dx1q3oIGkuFsxwkG7+qF2UA6zlH+AfS4NtT9gnjs5SJd7DrXZAmDk1M:nO7O8Dx1qRuFsxwke9HpV0
Static task
static1
Behavioral task
behavioral1
Sample
Order 24007219.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
Order 24007219.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
Order 24007219.exe
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of SetThreadContext
-