General
-
Target
713ee5303a9b0d04d6d5107ead0a624d40c2cdd1e4ad43e4ab2fdcfe813b23a8N
-
Size
7.1MB
-
Sample
241018-x13qvawbpl
-
MD5
d3e1dd11e0f01bbbe93f9ac0406c54c0
-
SHA1
2c7adcd44d5ed660cd9cdb97426a4c91eff00368
-
SHA256
713ee5303a9b0d04d6d5107ead0a624d40c2cdd1e4ad43e4ab2fdcfe813b23a8
-
SHA512
7cff26517356dcf48e3da0ee7a69f0023c1e72a2cb07e4a81e0bbed9200ef808245ae68ad6db42f4613eb6e08ca730b7a846dd24dfc7f4d92330d238b8aacb5f
-
SSDEEP
196608:Eb2IrnugKVAuAwVbdiU9mRwvuoklW0YrUvw:BgKVAuAIluDLlDYYI
Static task
static1
Behavioral task
behavioral1
Sample
713ee5303a9b0d04d6d5107ead0a624d40c2cdd1e4ad43e4ab2fdcfe813b23a8N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
713ee5303a9b0d04d6d5107ead0a624d40c2cdd1e4ad43e4ab2fdcfe813b23a8N
-
Size
7.1MB
-
MD5
d3e1dd11e0f01bbbe93f9ac0406c54c0
-
SHA1
2c7adcd44d5ed660cd9cdb97426a4c91eff00368
-
SHA256
713ee5303a9b0d04d6d5107ead0a624d40c2cdd1e4ad43e4ab2fdcfe813b23a8
-
SHA512
7cff26517356dcf48e3da0ee7a69f0023c1e72a2cb07e4a81e0bbed9200ef808245ae68ad6db42f4613eb6e08ca730b7a846dd24dfc7f4d92330d238b8aacb5f
-
SSDEEP
196608:Eb2IrnugKVAuAwVbdiU9mRwvuoklW0YrUvw:BgKVAuAIluDLlDYYI
-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1