General
-
Target
db1fd14460885fe2f18f3d6f953d62842de43b221e0dc08d38ee18460057db4a
-
Size
4.5MB
-
Sample
240425-enxpysfb4y
-
MD5
2e5de2f46d2f085602f900f4a87e3666
-
SHA1
975c9fa1f0c1653624f79da43fed3de8e724b621
-
SHA256
db1fd14460885fe2f18f3d6f953d62842de43b221e0dc08d38ee18460057db4a
-
SHA512
4d8a1a29805f4dd99ceb780527f54acc5b1a447c5d6cad4f0f8cd2bc750decc7db752847c0dead2f020428480c43f7280deea6a77c8935e8cb059029766afe99
-
SSDEEP
49152:aSJZ5BgIw0zXCWSKkVGgX+kR3RDSBZTagcoErCtOe9wJqJnsT6ZlYmxR3lDaNS/n:B/zKgZRHcsgIOK
Behavioral task
behavioral1
Sample
db1fd14460885fe2f18f3d6f953d62842de43b221e0dc08d38ee18460057db4a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
db1fd14460885fe2f18f3d6f953d62842de43b221e0dc08d38ee18460057db4a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
db1fd14460885fe2f18f3d6f953d62842de43b221e0dc08d38ee18460057db4a
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family infects other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-