General
-
Target
0f1d4240a36c15367fc4a441288149d683f43eb05b1c2a60f642a4313296b225
-
Size
964KB
-
Sample
241216-ydvbmazkem
-
MD5
eac340816ae9932197fd6cc6da59224e
-
SHA1
b1fd62359bbff474196f431ef8f594d40b6fc558
-
SHA256
0f1d4240a36c15367fc4a441288149d683f43eb05b1c2a60f642a4313296b225
-
SHA512
2815b6eec7042de4833bd932b9a50e59b02df718df286bec65bb26c775555f7961027a93f683593829e74c727e19ec7cd8a0980062d3eabed4b251ed35c6ab49
-
SSDEEP
24576:8PgKGIBRRgkCSRFjLXmPCuqg4z+zAornj:hKGPkfRRVe4C7
Behavioral task
behavioral1
Sample
0f1d4240a36c15367fc4a441288149d683f43eb05b1c2a60f642a4313296b225.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0f1d4240a36c15367fc4a441288149d683f43eb05b1c2a60f642a4313296b225.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
0f1d4240a36c15367fc4a441288149d683f43eb05b1c2a60f642a4313296b225
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-