General
-
Target
kam.cmd
-
Size
6KB
-
Sample
240523-wn795abc74
-
MD5
c7b720a0f6bffebe027826a2508c52dc
-
SHA1
41b21cdcd0afd9363d1c79202d687c65fc6128b4
-
SHA256
c67dbe7d1bfb36fcab8391ea0728382445c106fb08ad19f9a3fb3777cdef5562
-
SHA512
4e519b29716116807d312aa87453f57eca6893dc84fb4a761ac569c240b5ef617854f6f14a1bcac00ebf9e142ecb0d9d437d48a3542f5cae5bf6d09e5050c199
-
SSDEEP
96:549QmKe2Eb8DxZzthv2iDf8r0dMxmr8BhG+ZmrJ2iCzs:5Le2BYPSE5dlzs
Static task
static1
Behavioral task
behavioral1
Sample
kam.cmd
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
kam.cmd
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
kam.cmd
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
kam.cmd
-
Size
6KB
-
MD5
c7b720a0f6bffebe027826a2508c52dc
-
SHA1
41b21cdcd0afd9363d1c79202d687c65fc6128b4
-
SHA256
c67dbe7d1bfb36fcab8391ea0728382445c106fb08ad19f9a3fb3777cdef5562
-
SHA512
4e519b29716116807d312aa87453f57eca6893dc84fb4a761ac569c240b5ef617854f6f14a1bcac00ebf9e142ecb0d9d437d48a3542f5cae5bf6d09e5050c199
-
SSDEEP
96:549QmKe2Eb8DxZzthv2iDf8r0dMxmr8BhG+ZmrJ2iCzs:5Le2BYPSE5dlzs
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-