General
-
Target
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
-
Size
8.6MB
-
Sample
240414-mf993sah4z
-
MD5
0bba9ea4154714cec6d67a8788535723
-
SHA1
4ae792b89db732e5c664bccaec9ef10797a8488d
-
SHA256
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b
-
SHA512
6cb04eebd19aa8baff8853b5d7474b3f8feb86e0dcc4cc28035c3a44aaada61f6bd9beb7831d6f7e2f742665898994f9aec7264309c0c908e561cca21ee7e2a4
-
SSDEEP
98304:D6cZV1QNa2cGlKTdAp1VdV/b+tAeGJwTt1BWmJwL+lTBHMjr33:ZZbQ5zdtb6p1BWYHG
Behavioral task
behavioral1
Sample
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral4
Sample
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b.exe
-
Size
8.6MB
-
MD5
0bba9ea4154714cec6d67a8788535723
-
SHA1
4ae792b89db732e5c664bccaec9ef10797a8488d
-
SHA256
5a3bf0b8d1a106547a414123b92c2bbf0560d1f38599956335c2bc8c2c9f4e0b
-
SHA512
6cb04eebd19aa8baff8853b5d7474b3f8feb86e0dcc4cc28035c3a44aaada61f6bd9beb7831d6f7e2f742665898994f9aec7264309c0c908e561cca21ee7e2a4
-
SSDEEP
98304:D6cZV1QNa2cGlKTdAp1VdV/b+tAeGJwTt1BWmJwL+lTBHMjr33:ZZbQ5zdtb6p1BWYHG
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-