General
Target: 52e7f5d461d1dd7c17ebf44bf1f44cb1_JaffaCakes118
Size: 95KB
Sample: 240717-pak44ssgrb
MD5: 52e7f5d461d1dd7c17ebf44bf1f44cb1
SHA1: 75cc9711df9a70ebcaead26f3f45d8d23d0f2c78
SHA256: 1e532518f8c549eb15c8567dbd8ba3be9bac8067e51921802b70d60c7d155be7
SHA512: 06c9b08fd9c6a4a30847aef61e87f3f809b369914b29cc565af9ecfc32cb6f418a2e02105ef8b06ba7c146c5be6bc07e76797c3ed6bd3883848e91f98842e468
SSDEEP: 1536:JxqjQ+P04wsmJCPqo60nG/7zcVTqbAR20rv7ggIoWP+i6f1OsLUHOlgmE:sr85CPz60nCDS71IoWP+i6f1OsN2mE
Behavioral task: behavioral1
Sample: 52e7f5d461d1dd7c17ebf44bf1f44cb1_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 52e7f5d461d1dd7c17ebf44bf1f44cb1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 52e7f5d461d1dd7c17ebf44bf1f44cb1_JaffaCakes118
Score: 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association