General
-
Target
massexe.rar
-
Size
1.2MB
-
Sample
241206-yft4mstndt
-
MD5
6a49c9dacdc038969eb4be05fda5cec1
-
SHA1
86ec1d0aff1082392731091209bad28efb0af06b
-
SHA256
0978712dbec1d91834dea2ca5f5e2115f32ab576ac57d40ff0a1ea337fecdae9
-
SHA512
f1e0b5068bd2e3f4c283f5300dffb3e67a26f4529d84e9e3c2c78948356234450846541c7b7004e4ce4fc251ddf67d7a41746e4c5f7390adf4af32a75a7af80d
-
SSDEEP
24576:FobC50XWdALUQ+H17ld8xUfhxfioB3vzJcVXuVAGkOBmu/gPV:J0XGAX+H1ZdY2LiO3dc0VAGfX/qV
Behavioral task: behavioral1; Sample: massexe.rar; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral2; Sample: massexe/Input.txt; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral3; Sample: massexe/Massscan_GUI.exe; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral4; Sample: massexe/Packet.dll; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral5; Sample: massexe/_config.ini; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral6; Sample: massexe/masscan.exe; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral7; Sample: massexe/msvcr100.dll; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral8; Sample: massexe/winpcap-4.13.exe; Resource: win10ltsc2021-20241023-en
Behavioral task: behavioral9; Sample: massexe/wpcap.dll; Resource: win10ltsc2021-20241023-en
Malware Config
Targets
-
-
Target
massexe.rar
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
-
-
Target
massexe/Input.txt
-
Size
852KB
-
MD5
66859c6a8d52d61400e5f1c7ebe785de
-
SHA1
9f3557a25545ead035d5083293524028869bdf4f
-
SHA256
9d41547923d778e3d1fa8320d94f910c2df90ab5d95dd76a2e40314769c86a41
-
SHA512
824f1d1cc711660aaf2333ecb53c7135b522dd8a30fdab65025e784882ec810ba400802af3ae44761d352555d5996e0ce7e64fcb88443be27092989208579a8e
-
SSDEEP
1536:EmZEDPA73OhGrAqIcczFmv425fadBN4dXlh7jCv0dxMUsmegXsz5Rv70Dv3l9KrB:JATl
Score 1/10
-
-
Target
massexe/Massscan_GUI.exe
-
Size
374KB
-
MD5
2b32e197224207df4d688f00f79b2c51
-
SHA1
02c04f489f8566bcf661d159a36b3eb34934af5e
-
SHA256
1d7b3e6f89d5e2d1b6e25d3e2542fe5d9caba93646275f5c62e93dc42e48e805
-
SHA512
fdc38ea555a51e2008dbee0f8f85d01a20235dbf7fa615bd79f1711afe12d758b206356849b7784f600e5a95f782b472c6e1388efcf4a254ce646deb8ab6b08f
-
SSDEEP
3072:sr85C+56z456zB56zuIXk89V756zMVaxe0aX5Cw9j:k91j8Xcanj
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
-
-
Target
massexe/Packet.dll
-
Size
94KB
-
MD5
1250bef11bfa086f772cd2a273bc036e
-
SHA1
bfb60b4072f4533d8497f3d90631f818e345bcc6
-
SHA256
6b19cffaa2bf4359be1a0130a1fb47ab45e8c3be5d0cb7986579c5e04e1d77a5
-
SHA512
76cbc346468d400c4e6a95b3c91abfec0a63a375aade6f47c70a3b3db76c513bcfd91ed2994059a6c8bdd6b266f9b17ecf11f9941481c7a2692925d2457f5bba
-
SSDEEP
1536:6wG9plhvRIRVC2wJAyPFCnPKc0z70yIKtIn8zVpWj:E9rjh5t9cZyIKtInb
Score 3/10
-
-
Target
massexe/_config.ini
-
Size
36B
-
MD5
f2f6b3a06183ba78036b01892fdbf89b
-
SHA1
159273566da38c3d9f004b3935ff03771a496b41
-
SHA256
fea68e0356634d39eb0f5a159533bbc58cd1e6caf2d6e416d9721b6f02d56882
-
SHA512
19438c84a83dabef57b3177756fd91fe46d69731fc3ef57025c132c5ba8cc16e0dc83ac9d999635e1044c802c8a599bae21f8bfd30bf08bcd4ea398cc04e4639
Score 1/10
-
-
Target
massexe/masscan.exe
-
Size
273KB
-
MD5
bcaa226fd557ba6ca18628e1ae3c6053
-
SHA1
2cb78f3f36b27bc692c4856bd6cb20e2cebdb344
-
SHA256
f7f2af6f4dd9d0af03e6af3aba685969ec9ed22295055882e571bef3e96bbc4e
-
SHA512
de0bac7d4cf9d2a00bb880e04d788d3bb21a243864b1df089547c2f4b20e7e18e8b3ce2f784b44c61561e4dccf350ea01e65dd9f943e98f833879fcb1db4a65a
-
SSDEEP
6144:k9wmz/EkPt1xeHP9mCeswbjnK6swOp9cLKQaNTiL:Iz/Ek1eHP9KPf698hMTY
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
-
-
Target
massexe/msvcr100.dll
-
Size
755KB
-
MD5
0e37fbfa79d349d672456923ec5fbbe3
-
SHA1
4e880fc7625ccf8d9ca799d5b94ce2b1e7597335
-
SHA256
8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18
-
SHA512
2bea9bd528513a3c6a54beac25096ee200a4e6ccfc2a308ae9cfd1ad8738e2e2defd477d59db527a048e5e9a4fe1fc1d771701de14ef82b4dbcdc90df0387630
-
SSDEEP
12288:nMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BVoe3z:MmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV7z
Score 3/10
-
-
Target
massexe/winpcap-4.13.exe
-
Size
464KB
-
MD5
ce5cf0bb6b5d6da269289007b17652e3
-
SHA1
9d81fd8d4b20dc7d68e6783ff872ff577dbebd2c
-
SHA256
4ac6a84eda7b4b474f00118733da6e7f33c35f009a554a6f78d4464cb7101192
-
SHA512
c503821a71ef2e4861d6009fa48a1b69ff88e8bfc6ff2244f652e2dca60004c80e4cc6b1cb22f67ccd43a26dc037d1c7fcce1ff031ecc16820dbc96675857d77
-
SSDEEP
6144:k9X3dmkMIdQQkpxYLcP+k471Xr4bjMxiW+D/xqfF3o2KCzDunki8m/VlidXTj2EF:W34kDdc8L4bQA5qt3CxnkLwlQFPcOLsk
Score 10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files to spread and cause damage.
-
Neshta family
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
massexe/wpcap.dll
-
Size
220KB
-
MD5
5c5561185a8751711156934585f002e8
-
SHA1
4bc6097e41191903fcec60b5b6363c857e2d25af
-
SHA256
4c2b690d8d9afaefc531d1fedcf2d067ffca8b7e2f99072014b6a6d8edfdc49c
-
SHA512
6cb133fb2b8adbf5a939dadb9ea62f9400999eecbb0fd7af07cb6350cb02f2bb9133db61140776ad79addd8574a6ab4d78236ac816e4bbe2f95cf3a77823b2fc
-
SSDEEP
3072:mHrZxq7dQ2qjbGO4eQ9KuuwN3Ch0kIrNsZ3Gva5aOlqPozwH:mHHqHb5eQEaN3O0kgyZ3j51
Score 3/10