Overview

overview

10

Static

static

10

14d5ddc715...18.exe

windows7-x64

10

14d5ddc715...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14d5ddc715806af7bda18529fc1dc712_JaffaCakes118

  • Size

    6.8MB

  • Sample

    240504-2s5bxseb8z

  • MD5

    14d5ddc715806af7bda18529fc1dc712

  • SHA1

    65109ebae2f6a1915e491e25cd8ac07cf9968791

  • SHA256

    1419a00392a2f342226a72a129086232078d9b1703dfd9a21ce7d08bbe22b619

  • SHA512

    5167d29b0ad7cb7a0bdac998b60f368090ab8c04104e2826de4d68266b3752be08802272a1ebef2d718e1836cf8bce8db46b485bb5cd78b55476d9bb86897014

  • SSDEEP

    98304:FlerjesRJ8YQU/1PO0Q2kowPOlod0e565nm16:urj578YQePFwPj7Ec16

Score
10/10
darkcometneshtapersistencespywarestealer

Malware Config

Targets

    • Target

      14d5ddc715806af7bda18529fc1dc712_JaffaCakes118

    • Size

      6.8MB

    • MD5

      14d5ddc715806af7bda18529fc1dc712

    • SHA1

      65109ebae2f6a1915e491e25cd8ac07cf9968791

    • SHA256

      1419a00392a2f342226a72a129086232078d9b1703dfd9a21ce7d08bbe22b619

    • SHA512

      5167d29b0ad7cb7a0bdac998b60f368090ab8c04104e2826de4d68266b3752be08802272a1ebef2d718e1836cf8bce8db46b485bb5cd78b55476d9bb86897014

    • SSDEEP

      98304:FlerjesRJ8YQU/1PO0Q2kowPOlod0e565nm16:urj578YQePFwPj7Ec16

    Score
    10/10
    neshtapersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks