General
-
Target
da003dd0cf255aac9702a043fe3ec1d0N.exe
-
Size
146KB
-
Sample
240725-r5qzysvamn
-
MD5
da003dd0cf255aac9702a043fe3ec1d0
-
SHA1
b92c46e50b53232435c6bd57b60fb9a0e740ae12
-
SHA256
41faeea6f3998395b6ab78991fa3b73190ea84b25eaa55d1fe96338a1673262b
-
SHA512
0e27a9c73b81720e1adc019b8626bb2418173ee5ebe765dc9974f3e6fd1af14b9ec2f1ce059a673eb83515ddcdedc0b8d3c513508d22dab0408bce08af75a75e
-
SSDEEP
3072:sr85CkkbAYn2GgYlBYN2fHYTo+Out8wDSRUTT:k9xbAMpgY3gTD8DRUTT
Behavioral task
behavioral1
Sample
da003dd0cf255aac9702a043fe3ec1d0N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
da003dd0cf255aac9702a043fe3ec1d0N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-