General
-
Target
293173b12c947c6250f8fab9e94f95d8_JaffaCakes118
-
Size
214KB
-
Sample
240706-w7gara1hnf
-
MD5
293173b12c947c6250f8fab9e94f95d8
-
SHA1
797ee5b3ea4089392d03f43699745d651a859af9
-
SHA256
7245b100c45a487a94d924b72e66c7d614bfd95ab7b1c0959434edcd211a9fe3
-
SHA512
a477a5b9061fe2fddead58af5e93abcbe65c20973a0e56d62e339579e4e05d7ec27b0579629b8053963f33654fe6180615287fb0e1343f0484fa543f58e85768
-
SSDEEP
3072:sr85Cgvb2xpDFWrPfV1iLdS0ak+fDITb/Y4qDUjTTGi9mIkdtfzjNk50paCUHKWV:k9g0p6GcdCg4EUjGnbG0cCBW5is
Malware Config
Targets
-
-
Target
293173b12c947c6250f8fab9e94f95d8_JaffaCakes118
-
Size
214KB
-
MD5
293173b12c947c6250f8fab9e94f95d8
-
SHA1
797ee5b3ea4089392d03f43699745d651a859af9
-
SHA256
7245b100c45a487a94d924b72e66c7d614bfd95ab7b1c0959434edcd211a9fe3
-
SHA512
a477a5b9061fe2fddead58af5e93abcbe65c20973a0e56d62e339579e4e05d7ec27b0579629b8053963f33654fe6180615287fb0e1343f0484fa543f58e85768
-
SSDEEP
3072:sr85Cgvb2xpDFWrPfV1iLdS0ak+fDITb/Y4qDUjTTGi9mIkdtfzjNk50paCUHKWV:k9g0p6GcdCg4EUjGnbG0cCBW5is
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-