General
-
Target
01354b6a0d92d3caf3f161af1948c7cd_JaffaCakes118
-
Size
145KB
-
Sample
240622-etqhtsxdrg
-
MD5
01354b6a0d92d3caf3f161af1948c7cd
-
SHA1
52a67dad7c0ab78900927bf1a8262d8491a290b0
-
SHA256
033cbf14cfb036d7cc99e8608988d3bc2df43c74d4460741107ecc373dffc81b
-
SHA512
981646c0d455d04742019dfa475b86f92157bcd086db37d1e74dd1107e331fd9a0cb5b64803baa5762b6cfae00a2bbb4094525385ffdcdcc64f8c0485cde9cb8
-
SSDEEP
3072:sr85CF5C1Eup8X7WdEto3QE7NQJ/sX7WdEto3QE7NQJ/3:k9y1h8Lp+7ysLp+7y3
Behavioral task
behavioral1
Sample
01354b6a0d92d3caf3f161af1948c7cd_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
01354b6a0d92d3caf3f161af1948c7cd_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
01354b6a0d92d3caf3f161af1948c7cd_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-