General
-
Target
302ea719c62f97083022f2ae99f55860_JaffaCakes118
-
Size
2.0MB
-
Sample
240709-nkbgzs1hmk
-
MD5
302ea719c62f97083022f2ae99f55860
-
SHA1
77e1d8d7005dfe28f168894ae40b9686b8fad210
-
SHA256
5fa1e62983124bf8e7dbbed034512e0357f0d179402eb6b9e9361400160889ce
-
SHA512
e3bc7eaac430ba605c794e1479eb30b5a24ae365cbfb92b92da172caee43bcdbf103ef34e7cde97dbf41a99c2e0ccade64a0aa8451a88fcae01b05249f6666e5
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJPtLst8TLfg0tIqak/f0Pi2E:JxqjQ+P04wsmJCk5s6Xdr0C
Behavioral task
behavioral1
Sample
302ea719c62f97083022f2ae99f55860_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
302ea719c62f97083022f2ae99f55860_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
302ea719c62f97083022f2ae99f55860_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-