General
-
Target
05e51e0c12a93f5c5d4067c688cea0bbf4a6e8e6f9661ec9b3ce12df9fc99a4f
-
Size
8.2MB
-
Sample
240424-w2lnaaeh8t
-
MD5
406d69c5cc6b5ea8dc92aedd81c666fe
-
SHA1
96804b57cc5fd416e123478306e494b3b0ed56e6
-
SHA256
05e51e0c12a93f5c5d4067c688cea0bbf4a6e8e6f9661ec9b3ce12df9fc99a4f
-
SHA512
30b79177a5a18e460189d35ccdcd2784f45f80fbc2c23af21ead6ac3ba6cc1408d4058694351e42b35553d723d953acdca9f946650ba8185843be0d2d791b110
-
SSDEEP
196608:HmZfGMkASVqV26hgDneSfTuHoEj917Ms3sFO0STMC0M:auMkqE5woEj91fX0gMCf
Behavioral task
behavioral1
Sample
05e51e0c12a93f5c5d4067c688cea0bbf4a6e8e6f9661ec9b3ce12df9fc99a4f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
05e51e0c12a93f5c5d4067c688cea0bbf4a6e8e6f9661ec9b3ce12df9fc99a4f.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
05e51e0c12a93f5c5d4067c688cea0bbf4a6e8e6f9661ec9b3ce12df9fc99a4f
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files by inserting itself into them, in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-