General
-
Target
551aecba174aa44156e4d2ec5deff5b7_JaffaCakes118
-
Size
267KB
-
Sample
240717-2k7gbasglj
-
MD5
551aecba174aa44156e4d2ec5deff5b7
-
SHA1
110e957259e4b125b025652d23d8f589777151c3
-
SHA256
1a8039dafa96cfe91e7aa981c35ebc1ceed9a0cf75f80bddbe1f762a003457ee
-
SHA512
3c6f435c496f51243311e33c2edf6e45a47983e35adb5026979a4d88e683fe842c5899a9036529f8966a26e6983a430fc2aea2244af3719d76b33e543366bca4
-
SSDEEP
6144:k9l66bbSa4x6nYtlMzUeRUq1OQtyH7xOc6H5c6HcT66vlmrS62:v6LnYtdeBDa82
Behavioral task
behavioral1
Sample
551aecba174aa44156e4d2ec5deff5b7_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
551aecba174aa44156e4d2ec5deff5b7_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
551aecba174aa44156e4d2ec5deff5b7_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-