General
-
Target
dd8e7f680116afcccaa00c8cc896f7c88a0868f243cb336d867629ae2efc4b95N.exe
-
Size
8.0MB
-
Sample
241118-q2hzhaxfjh
-
MD5
522c36c342a2ead024c63b2ad4af7750
-
SHA1
9b41ce535eb7efb20a808e017b0f82d223656e51
-
SHA256
dd8e7f680116afcccaa00c8cc896f7c88a0868f243cb336d867629ae2efc4b95
-
SHA512
b67a86340fa3d74fa616e0f563b7bc500a6fcaa9cbc443bddebc1332355f0b9d2de771a9a46388a7472f3a1cd190307305745d15323a8fbdff9ad316ac3fef00
-
SSDEEP
196608:XbEGIvoTLRugGP9N2WDxovI1QBujVv13n:gGT9O9NL2giBujR1X
Behavioral task
behavioral1
Sample
dd8e7f680116afcccaa00c8cc896f7c88a0868f243cb336d867629ae2efc4b95N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
dd8e7f680116afcccaa00c8cc896f7c88a0868f243cb336d867629ae2efc4b95N.exe
-
Size
8.0MB
-
MD5
522c36c342a2ead024c63b2ad4af7750
-
SHA1
9b41ce535eb7efb20a808e017b0f82d223656e51
-
SHA256
dd8e7f680116afcccaa00c8cc896f7c88a0868f243cb336d867629ae2efc4b95
-
SHA512
b67a86340fa3d74fa616e0f563b7bc500a6fcaa9cbc443bddebc1332355f0b9d2de771a9a46388a7472f3a1cd190307305745d15323a8fbdff9ad316ac3fef00
-
SSDEEP
196608:XbEGIvoTLRugGP9N2WDxovI1QBujVv13n:gGT9O9NL2giBujR1X
-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-