General

  • Target

    50ecdee5aff9289d44e01c483e627ac1_JaffaCakes118

  • Size

    492KB

  • Sample

    240717-bynm9asgnf

  • MD5

    50ecdee5aff9289d44e01c483e627ac1

  • SHA1

    55ab435b32eabe2a7b50b0e19761baef79227e83

  • SHA256

    b9e6ccd928de76f5da334a8c706f4e763a2fb8970982dcc6a13270faf917f64a

  • SHA512

    de05e6c4623da13c737f1ca49e8147553aaa69c67432f43c7d9278fd4673171b88c42e1465dfe3688aa29d1a2839ed89a5542516911cbd3975455ecbc66a9747

  • SSDEEP

    6144:k9JZTXW8xpyT9Ua3T6ceSPaUEYMR6UzqYXhRBED2HGtmV8yKMb66:OTXbxpAj3P0XR6UzqYXh/jHl4MbZ

Malware Config

Targets

    • Target

      50ecdee5aff9289d44e01c483e627ac1_JaffaCakes118

    • Size

      492KB

    • MD5

      50ecdee5aff9289d44e01c483e627ac1

    • SHA1

      55ab435b32eabe2a7b50b0e19761baef79227e83

    • SHA256

      b9e6ccd928de76f5da334a8c706f4e763a2fb8970982dcc6a13270faf917f64a

    • SHA512

      de05e6c4623da13c737f1ca49e8147553aaa69c67432f43c7d9278fd4673171b88c42e1465dfe3688aa29d1a2839ed89a5542516911cbd3975455ecbc66a9747

    • SSDEEP

      6144:k9JZTXW8xpyT9Ua3T6ceSPaUEYMR6UzqYXhRBED2HGtmV8yKMb66:OTXbxpAj3P0XR6UzqYXh/jHl4MbZ

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks