General
-
Target
c5fbec8e17496093fe2237baf0b6c1fc257f97232e9178f9f3abea03c85a8acd
-
Size
494KB
-
Sample
240617-ch532azanb
-
MD5
b159bad9460e65880396584f046214ec
-
SHA1
ecb5feeab2c2cb16a1fc9a48f915c264bd5fe047
-
SHA256
c5fbec8e17496093fe2237baf0b6c1fc257f97232e9178f9f3abea03c85a8acd
-
SHA512
f1e3cfa4a642b9eb71731d842ba3944d96739781c5d70c64bc72bea20287bdc793d9e058ba507a5b912e5730345e152a686ceceb50c54bc5f1a98b384e0c5c9c
-
SSDEEP
12288:EQgp/NfS9xBbGvdY8SMIQc2kFEm8R2NSh:7s/lS9DG2pTJF42Qh
Behavioral task
behavioral1
Sample
c5fbec8e17496093fe2237baf0b6c1fc257f97232e9178f9f3abea03c85a8acd.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
c5fbec8e17496093fe2237baf0b6c1fc257f97232e9178f9f3abea03c85a8acd.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
c5fbec8e17496093fe2237baf0b6c1fc257f97232e9178f9f3abea03c85a8acd
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-