General
Target: LisectAVT_2403002A_54.exe
Size: 742KB
Sample: 240725-a4pbaszhqh
MD5: ef179c05dd3a2af711ce37bc03b71b95
SHA1: 6717ae0bb0998267b9952f8e676859ae46092511
SHA256: 083f671bdfa7b080edff7dc531e68b5179f0adf3109bc5509952209d4c6bffd1
SHA512: 6f95182fc8fcd0a6a7ee642d96622741435a2dda0dfa28db9bdbbce372c0eb2aed52bd1f1edf13a697846759736901019779f6e76e458b8284de6ae24a8fbda3
SSDEEP: 12288:MHpFYa5Wkb3macr/l/dQ9ox1R04Xclt5/yXuJtWLYn0lOY7MMlqoIDS/yuYK:hkyzl/dQ9wk5PWUn8OY7Wl6RY
Static task: static1
Behavioral task: behavioral1
Sample: LisectAVT_2403002A_54.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: LisectAVT_2403002A_54.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: LisectAVT_2403002A_54.exe
Score: 10/10
Detect Neshta payload
Neshta: Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Modifies system executable filetype association
Suspicious use of SetThreadContext