General
-
Target
0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4
-
Size
201KB
-
Sample
241216-yeg3pazkgj
-
MD5
98a8a149332de1598102af4f45ed7347
-
SHA1
a651ef6471473c09e6afddb5f5a92664301a373e
-
SHA256
0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4
-
SHA512
cdb5c5476196e0c346bf8a4674bb23b6794a265f85edce7e3f5778af9fd9112316ff60c14385983b7797c49f0be15e699dc3653c3b708a3b161e8720847fdb15
-
SSDEEP
3072:sr85CrOeZ/XyHIplTnTpw/8IBwZpRVJEMVDqyJ2z9IDqQT6jO5/X9KxymRximtif:k9/DAIVJ9D3J2z9I+BjyVYo6Y9D
Behavioral task
behavioral1
Sample
0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
0f602b1ca1b75a289a107b422c79a2f1ea303e585ae87be24314977f3621a8d4
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family infects other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (2)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)