General
-
Target
c73db3a4bf51b48059eef2a5003feafc43dc7e93bf8c70fb51a0423c212d85a7.cmd
-
Size
6KB
-
Sample
240524-b42gasgh97
-
MD5
f96b390af9be44e21ffec109cb107462
-
SHA1
716dda50fc30581e587c0a3d8c65d45aefbfec14
-
SHA256
c73db3a4bf51b48059eef2a5003feafc43dc7e93bf8c70fb51a0423c212d85a7
-
SHA512
09fdcbc4b6153d37889c4b91f9ce996b5b1131ca50db1f3749420860e2731da915babc6a379e64b762c2cb2f4bf399760dae5b48adffba8ca95ce44b71fdd649
-
SSDEEP
96:vNL+Uex09u1ayG4ZJSpIOzmJOH2BLE6BNMi9SioPrHu1v7Pn/VKdgoZcLA4sKLUd:vNHbyG4ZJeJzmJYsqju1v7Poqo7zKwd
Malware Config
Targets
-
-
Target
c73db3a4bf51b48059eef2a5003feafc43dc7e93bf8c70fb51a0423c212d85a7.cmd
-
Size
6KB
-
MD5
f96b390af9be44e21ffec109cb107462
-
SHA1
716dda50fc30581e587c0a3d8c65d45aefbfec14
-
SHA256
c73db3a4bf51b48059eef2a5003feafc43dc7e93bf8c70fb51a0423c212d85a7
-
SHA512
09fdcbc4b6153d37889c4b91f9ce996b5b1131ca50db1f3749420860e2731da915babc6a379e64b762c2cb2f4bf399760dae5b48adffba8ca95ce44b71fdd649
-
SSDEEP
96:vNL+Uex09u1ayG4ZJSpIOzmJOH2BLE6BNMi9SioPrHu1v7Pn/VKdgoZcLA4sKLUd:vNHbyG4ZJeJzmJYsqju1v7Poqo7zKwd
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-