General

  • Target

    4fa778f4cc88626e14c6a7a449ddad8a_JaffaCakes118

  • Size

    92KB

  • Sample

    240716-xtv3eswbjj

  • MD5

    4fa778f4cc88626e14c6a7a449ddad8a

  • SHA1

    25f25b3a9f68ae53bb81b9c94639be9e51fe51a8

  • SHA256

    952098a375bd4e270f169b7063ea6a5c10ec5f64f3cce00dbcb0795595684ada

  • SHA512

    84c259ec9a3d90c59e72cdda89d010a162fec31c7b82c177065c4f46267b0faa619a3f74e2f8235bbb4ad5ccef412649e1a162f8bf20158158077c229063aad5

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJkmCMAyAdTmPJbgqcnDc8:JxqjQ+P04wsmJCPmCdU81c8

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

MITRE ATT&CK Enterprise v15

Tasks