General
-
Target
61469bc9a1f5ec581a481817f4a701c4743c6bccd4d180f7fd5c14153986a2cfN.exe
-
Size
7.2MB
-
Sample
241207-dwdrdatkdx
-
MD5
05442d4ae12dcdbe66842668eff47790
-
SHA1
7325d4e70648f103bea78c6005c54087389925c3
-
SHA256
61469bc9a1f5ec581a481817f4a701c4743c6bccd4d180f7fd5c14153986a2cf
-
SHA512
7a9798a395c1ea133ec15ea2d09f9f3527083f5ced4be7b21db1d170a86f06fed282e4b189eb74d93a564f29e36b6178f969f000d7472fe40718d976b850e742
-
SSDEEP
196608:Ye4cH6mibEdWLfvnEQFwbBEPbaJzQX1zt9y8T7wUbGLa7/c:mcHM4MDEkOBEPwzc1z9TZ/c
Behavioral task
behavioral1
Sample
61469bc9a1f5ec581a481817f4a701c4743c6bccd4d180f7fd5c14153986a2cfN.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
61469bc9a1f5ec581a481817f4a701c4743c6bccd4d180f7fd5c14153986a2cfN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
61469bc9a1f5ec581a481817f4a701c4743c6bccd4d180f7fd5c14153986a2cfN.exe
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Drops file in System32 directory
-