General
-
Target
7387c14522bff59beddbf0412ccbe64e9cbe4cb2a04f49eca7394651abd896d4
-
Size
741KB
-
Sample
240417-q34mlaad36
-
MD5
64f6b765120773ded6043dce1a96d377
-
SHA1
8f101d8d51b3fbe34bc73dda7f9cc153730cdf28
-
SHA256
7387c14522bff59beddbf0412ccbe64e9cbe4cb2a04f49eca7394651abd896d4
-
SHA512
0db67869e6b7988812220aad94d25b5735488f4514fd7f5690b3be0b8d0a25f4811e16a2c906529853d511078068fe3524f921696f07d0123799db79b1b30e40
-
SSDEEP
12288:dan976P3JrvirAvEg6tL/DHJDvquyALrWYOlSJM+l32HXpMBsJ9oxFxVP:dC6PJWkoL/DxvquycrW3M++J23pPgnP
Static task
static1
Behavioral task
behavioral1
Sample
0737b4a17fda7c3b5ffe49d1f33da4b1789d0f3b7c77a54113d6136f1672782a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0737b4a17fda7c3b5ffe49d1f33da4b1789d0f3b7c77a54113d6136f1672782a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
0737b4a17fda7c3b5ffe49d1f33da4b1789d0f3b7c77a54113d6136f1672782a.exe
-
Size
858KB
-
MD5
a2242c1c19df8b628a64165e062b03a3
-
SHA1
11f998b2c123df7b43814248f40aefb0de75e9d8
-
SHA256
0737b4a17fda7c3b5ffe49d1f33da4b1789d0f3b7c77a54113d6136f1672782a
-
SHA512
cd624bb5592f216e051c4aad09b6cd9e7c2ce618f51644a065f24aea28d79395441522645532146595641f221e3b4e072921824977faa8b0b829b45ee085ee27
-
SSDEEP
12288:im/0YOwqOpYwLAkls2u7ttMzn4BZ+1ijJAxGOgZKvugJC5wgMscL7GYCEvj2qm3:iSO7vtklspu4L+1ijWxOsugQ
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family infects other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of SetThreadContext
-