General

  • Target

    107fd61b070239f3369a9bbc39a5e429_JaffaCakes118

  • Size

    4.5MB

  • Sample

    240503-pggehaeb8t

  • MD5

    107fd61b070239f3369a9bbc39a5e429

  • SHA1

    273a481064c1b390322fad8f7b54e3c87b0e6def

  • SHA256

    ce6d34baf448d854dc7dbb0194e6babcdacd2ee761f5d1f822499f3f597c05b8

  • SHA512

    1474258bec6d2682c9c05d2947bec85016ff7572873a0f244b7353cedc2f82b61cee36f348983fce962140a81af4e114884b99ac4266d9236c82c0578d066069

  • SSDEEP

    49152:Fl/ijN5j2Xsl3RJ3LHobUQDgok381qkqKrKOyCPO0bvxtyykvxeW:FlerjesRJ8YQU/81qfKrZPO01sJ

Malware Config

Targets

    • Target

      107fd61b070239f3369a9bbc39a5e429_JaffaCakes118

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
