General
-
Target
005217c6914fb702c8d17b7cde486bc4_JaffaCakes118
-
Size
121KB
-
Sample
240621-317bxswhnb
-
MD5
005217c6914fb702c8d17b7cde486bc4
-
SHA1
5bd2d7aa85c9c0f1de64142c5b7423b6839bac8c
-
SHA256
4356ab9e575003359312cfd5915d2c339bb013936eed372258b5fc10dcac5de9
-
SHA512
c09f6c8dafc86bdfb368fa2811f3f0e74745e1c144137abdb05a5266a20d14b1be25e5a913f8d03ff27ca45d73338e14b61b86083c08c91938490298abf13770
-
SSDEEP
3072:sr85C87oNVsq05cEOnC5AGMLUoIb3Osc:k987oNVsq2eAOJ
Behavioral task
behavioral1
Sample
005217c6914fb702c8d17b7cde486bc4_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
005217c6914fb702c8d17b7cde486bc4_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
005217c6914fb702c8d17b7cde486bc4_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-