Malware Analysis Report

2024-09-11 00:11

Sample ID 240617-1x73yawbqd
Target 3de2a25800656714fd83e14b1677419c393f1044f9c2bf01b3611d0d605433e3_JaffaCakes118
SHA256 9b0cf98c09bcffdd1e9bd6feabd756b2b210d9d0493367550206c815d2843a6b
Tags neshta
Score 10/10

Analysis Overview

Score 10/10
SHA256 9b0cf98c09bcffdd1e9bd6feabd756b2b210d9d0493367550206c815d2843a6b

Threat Level: Known bad

The file 3de2a25800656714fd83e14b1677419c393f1044f9c2bf01b3611d0d605433e3_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

neshta

Detect Neshta payload

Neshta family

Unsigned PE

MITRE ATT&CK Matrix

N/A

Analysis: static1

Detonation Overview

Reported 2024-06-17 22:02

Signatures

Detect Neshta payload

Description Indicator Process Target
N/A N/A N/A N/A

Neshta family

neshta

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-17 22:02
Reported 2024-06-17 22:02
Platform win7-20240220-en
Max time kernel 0s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-17 22:02
Reported 2024-06-17 22:02
Platform win10v2004-20240508-en
Max time kernel 0s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 52.183.220.149:443 tcp

Files

N/A