General
-
Target
80538b85799ad9efd53243df8d1e64125a05c92a58e830d074fa25cff39788c8
-
Size
666KB
-
Sample
240417-p4q78ahe5w
-
MD5
f4f2ccfd54e17a22efb23a1508f68f6b
-
SHA1
26dca9f28d46b99a4b580e503d7aad82f5dccf20
-
SHA256
80538b85799ad9efd53243df8d1e64125a05c92a58e830d074fa25cff39788c8
-
SHA512
6c135766fb4f33d38cf7fc9c33a2ffeef99a38901d95dce5f2b747c49bd1fae15fdbf54d9e7d2adef6d09311216ab87be5e88536331abca11e11072e7ec7c796
-
SSDEEP
12288:d5UOdG8jSYO0zAfTS4Ytw+q/7wV04Ynz57K9AhzowYnzM5AHE:sO8aSkAG4YOeVvYntL/YnAcE
Static task
static1
Behavioral task
behavioral1
Sample
b17caccff755c664135937e36fdb567dbae543833983b6168bedbd827c99a9e1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b17caccff755c664135937e36fdb567dbae543833983b6168bedbd827c99a9e1.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
b17caccff755c664135937e36fdb567dbae543833983b6168bedbd827c99a9e1.exe
-
Size
714KB
-
MD5
0f856264b3897d63e400a1ec6acd22dd
-
SHA1
80854d99b3594ba36a1c7cfa5714438bc443cb57
-
SHA256
b17caccff755c664135937e36fdb567dbae543833983b6168bedbd827c99a9e1
-
SHA512
b54310bc73460c8242eedffdbf3055802a14b46608b52a2eb212c71112a03be3c6989a4edf225a48e0fb497d64b4a933e6a14b4f138c1481eeb34cbb0723310b
-
SSDEEP
12288:kskRa5Wdqw2whDsM/xi8STi5zAJtxOqub4TSdQlol83NuDbT3y1PvWZNFx8RedyX:k/jj2EDsQxihiZAgquMtKl830rCeNc8+
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of SetThreadContext
-