General
-
Target
2024-04-30_d6da671d1cb0a8be4874d9fb19f40ab3_neshta_phobos
-
Size
98KB
-
Sample
240430-2prawsbe47
-
MD5
d6da671d1cb0a8be4874d9fb19f40ab3
-
SHA1
f74cfb8aa156be19d8ecf862b7f4563363725436
-
SHA256
4e30f39ae6e696ed5ef6dd57a5144bcfde73bea5604179db13da438a33880bd2
-
SHA512
58230fd980e814c77d6c0553c23a9fc3ce02e21dca049d7b56267b6df4acb705cddba5bab1bab60a3b94effc71ca0aaf3982446b2c90cc747f4008f7b5468485
-
SSDEEP
1536:JxqjQ+P04wsmJCpEEt4AwMEz9UQz0QNeRBl5PT/rx1mzwRMSTdLpJPs:sr85Cn45MEyQ5QRrmzwR5Jk
Behavioral task
behavioral1
Sample
2024-04-30_d6da671d1cb0a8be4874d9fb19f40ab3_neshta_phobos.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-30_d6da671d1cb0a8be4874d9fb19f40ab3_neshta_phobos.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-30_d6da671d1cb0a8be4874d9fb19f40ab3_neshta_phobos
-
Size
98KB
-
MD5
d6da671d1cb0a8be4874d9fb19f40ab3
-
SHA1
f74cfb8aa156be19d8ecf862b7f4563363725436
-
SHA256
4e30f39ae6e696ed5ef6dd57a5144bcfde73bea5604179db13da438a33880bd2
-
SHA512
58230fd980e814c77d6c0553c23a9fc3ce02e21dca049d7b56267b6df4acb705cddba5bab1bab60a3b94effc71ca0aaf3982446b2c90cc747f4008f7b5468485
-
SSDEEP
1536:JxqjQ+P04wsmJCpEEt4AwMEz9UQz0QNeRBl5PT/rx1mzwRMSTdLpJPs:sr85Cn45MEyQ5QRrmzwR5Jk
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-