General
-
Target
d7e454e3c994bd3c6071eed70ea571b2d8a3ed6a5dacda89f84b496ac4ec00e8
-
Size
6.7MB
-
Sample
240419-d5bclsge8s
-
MD5
177acc45d07ea41325763ec537589843
-
SHA1
18966f41e24ed66c56e63211dc79e68458890cb8
-
SHA256
d7e454e3c994bd3c6071eed70ea571b2d8a3ed6a5dacda89f84b496ac4ec00e8
-
SHA512
e6e8c618b9cdc14954b645a4693f21efb09d828a0fd01c0a2ceee64c1a0548f71b29aa5982eee79d94ce261de5bee9914ae0a28e5cebc2aaefa344a93912d732
-
SSDEEP
49152:4g3JY5SzCL5bImOqSA+9DzDUEUTQhqA8YANL08Fq4CTXrnc2tpbpYMDWxZdV3svE:4g3JY5go3By845Y39KEvCH50Srn2vTd
Behavioral task
behavioral1
Sample
d7e454e3c994bd3c6071eed70ea571b2d8a3ed6a5dacda89f84b496ac4ec00e8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d7e454e3c994bd3c6071eed70ea571b2d8a3ed6a5dacda89f84b496ac4ec00e8.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
d7e454e3c994bd3c6071eed70ea571b2d8a3ed6a5dacda89f84b496ac4ec00e8
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-