General
-
Target
fc7c9c64d0801f66f22ea258673b12b73f392b958cf38dbf14432dcdb3037e5a.exe
-
Size
728KB
-
Sample
240417-cw99xacg6v
-
MD5
9762ce69c2bf80bf5ffd1029ac0b11ec
-
SHA1
49694133876acbe35f5493d99a967089ea1cc17a
-
SHA256
fc7c9c64d0801f66f22ea258673b12b73f392b958cf38dbf14432dcdb3037e5a
-
SHA512
6ca9dd8b6774f47d5f72727bc5e5ff9764ee145522747342d13854f571d61314c2f1bd83125dd181ad0d8f7c4a1a77974668d10f14876de293f2e30ba33e0e44
-
SSDEEP
12288:LxyXRz/I7vByWqTBAdLh9pyEpF/6AJdrWZE1uSRHC6ZDV0xhB01/6NIMt4vv+Kyb:L0Q7vByOTzJRWZeRiMV0DBLNIMaGKy3L
Static task
static1
Behavioral task
behavioral1
Sample
fc7c9c64d0801f66f22ea258673b12b73f392b958cf38dbf14432dcdb3037e5a.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
fc7c9c64d0801f66f22ea258673b12b73f392b958cf38dbf14432dcdb3037e5a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fc7c9c64d0801f66f22ea258673b12b73f392b958cf38dbf14432dcdb3037e5a.exe
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Detects executables packed with SmartAssembly
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of SetThreadContext
-