General

  • Target

    07438735f75ce5d817e074a76c5e036b_JaffaCakes118

  • Size

    6.2MB

  • Sample

    240429-kpm5ssef22

  • MD5

    07438735f75ce5d817e074a76c5e036b

  • SHA1

    23daf57bcd0ceaa97721cc1b1a8dfb853974fe0c

  • SHA256

    6bbfd2f46b3c14bc298960de2f1564c4b9a04c937cbbba65867a764380310fa4

  • SHA512

    dfd6c0a4ebaecead1acccfe0157c7156b98d24cb03fcd5db245c739c521ff2373d66fa63e36dc67c5379c25f1c3eaf3e05597c173eafa6c135402bd27d03f78a

  • SSDEEP

    98304:FlerjesRJ8YQU/IgNQ2wZPO2YOXwnS4rVjwIDQ:urj578YQXPiIruQ

Targets

    • Target

      07438735f75ce5d817e074a76c5e036b_JaffaCakes118

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
