A forum for reverse engineering, OS internals and malware analysis 

 #18991  by rkhunter
 Thu Jun 28, 2012 8:24 am
From collection http://www.kernelmode.info/forum/viewto ... =60#p14330

Virus:Win32/Neshta.A
MD5: 108d6633685dede2557457b232c35690
SHA1: 10975ae52b649a937cc41eb80b23a69940401d77

Virus:Win32/Jeefo.A
MD5: cc6e4138bc5b169ce9650a743d1fc172
SHA1: 5a97a464eedb180803392d45ef3b93ea55880349

Virus:Win32/Gael.D
MD5: a4095357849d612ab8a6476b2cbc86f8
SHA1: be2c93744a9ab3a6553e11c4e31cd6092e5c4ce3
 #19075  by Xylitol
 Thu Apr 25, 2013 2:39 pm
Due to the lack of samples, here are some, hopefully of interest, based on ESET signature.

Neshta.A:

Win32/Neshta.B:

File infectors thread: http://www.kernelmode.info/forum/viewto ... 168#p13168
 #20652  by Win32:Virut
 Fri Aug 30, 2013 7:01 pm
Virus:Win32/Neshta.A

MD5: 4f79f56fd773e74de685bbc1745e4a4d
SHA1: db4683e4d416f382088f4085bbdd2cc32d2c5a08
SHA256: e6420817aa553165cd35d9f23806bb8373b6b019fe558bf01733210c55086e54
https://www.virustotal.com/en/file/e642 ... /analysis/

+ 43 infected files attached.