General
-
Target
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4N.exe
-
Size
975KB
-
Sample
241216-p5ntgs1rcp
-
MD5
f17d17f28cc6693596e76b41d4369860
-
SHA1
ff879e8bdf1e1810f3953997dfc9932ce1be69cf
-
SHA256
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4
-
SHA512
027a52fb7c8c303dd2e01d2bdd6e4cf813bee9c3f52bad2bfeabc64e7214b3e09884f353a78b2ae0705e196cd726558508ef28e2a141a85f794a43e486b694d7
-
SSDEEP
24576:k3+eWsN3skA4RV1Hom2KXMmHa0Yz9UObo5TAHnx:k3+ZkldoPK8YaLZUOiex
Behavioral task
behavioral1
Sample
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4N.exe
-
Size
975KB
-
MD5
f17d17f28cc6693596e76b41d4369860
-
SHA1
ff879e8bdf1e1810f3953997dfc9932ce1be69cf
-
SHA256
00c31d35ecc61338b3b86cfa954414e9dc8d83cba666d05db9411985dfa246a4
-
SHA512
027a52fb7c8c303dd2e01d2bdd6e4cf813bee9c3f52bad2bfeabc64e7214b3e09884f353a78b2ae0705e196cd726558508ef28e2a141a85f794a43e486b694d7
-
SSDEEP
24576:k3+eWsN3skA4RV1Hom2KXMmHa0Yz9UObo5TAHnx:k3+ZkldoPK8YaLZUOiex
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-