General
-
Target
06bfc168e20ef6fa1fbca8a7f494cd07_JaffaCakes118
-
Size
9.6MB
-
Sample
240429-ebzc1shb82
-
MD5
06bfc168e20ef6fa1fbca8a7f494cd07
-
SHA1
7c418472723aa63996024d051fdce511f0164404
-
SHA256
bddb9edabe5e68febba220c5f6b5b63de60148eb1a02e9ed11f04765c847479b
-
SHA512
525fc11aefcf4557e5aa42a55d109eff4a8e83b7440848d535c4fbb1279f5d283d482ee301471d664c2285a889a3e385394e827725ee2da7176fab4f769ae211
-
SSDEEP
49152:Fl/ijN5j2Xsl3RJ3LHobUQDgok30ZYcMjikplS9C5qMfhbuRKwpB9WWhipXqk:FlerjesRJ8YQU/U5WiQS9C5qiHrok
Behavioral task
behavioral1
Sample
06bfc168e20ef6fa1fbca8a7f494cd07_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
06bfc168e20ef6fa1fbca8a7f494cd07_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
06bfc168e20ef6fa1fbca8a7f494cd07_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-