General
Target: ef4c96666569d18372ec5d4bb6c1bb9bd05bd17fb7a025c82b3f79eb5b88e483
Size: 168KB
Sample: 240617-ee6lhaxcjm
MD5: 4f0a4de1b91902f336c57e8e1b1638bd
SHA1: b98fb401fcf776a97f6e166aa90778ee43200e73
SHA256: ef4c96666569d18372ec5d4bb6c1bb9bd05bd17fb7a025c82b3f79eb5b88e483
SHA512: 8c7075d866fe85d9805a205f10b1fcc6300f95a02e8b8afe53b64f8be2d83e867f49642cc2d55948fffa990ade3c19c9d85a20e2d9c5c0829e3bb51686965d59
SSDEEP: 3072:sr85Cy7LIvfHYTok7RcPJ5GSLcwur5cPJ5GSLcwurh:k9ngTGPJRzur+PJRzurh

Behavioral task: behavioral1
Sample: ef4c96666569d18372ec5d4bb6c1bb9bd05bd17fb7a025c82b3f79eb5b88e483.exe
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: ef4c96666569d18372ec5d4bb6c1bb9bd05bd17fb7a025c82b3f79eb5b88e483.exe
Resource: win10v2004-20240508-en

Malware Config
Targets
Score: 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association