General

  • Target

    53a0065dff3ef86ab16731ad82d614bf_JaffaCakes118

  • Size

    986KB

  • Sample

    240717-szvavsxaql

  • MD5

    53a0065dff3ef86ab16731ad82d614bf

  • SHA1

    d2ac3dd7c7c8fd761ee8d6461bb3da43be5b7e3f

  • SHA256

    3e10265756f83565fcef8df2cce0b8d2db93c6dee5592b8ededc1b2ad4801a09

  • SHA512

    b6f796c539c4f387cfd17fab94525f7dbb7c24f7f742849f7357346b2e613d43ad53b026f68723a9b7c52f9d1e9fcc23d307885ee02590b06e4637fc1c0aaaa0

  • SSDEEP

    12288:MyWgjUca5PZOh9wAxhysmNy/Q4GHy6r40W6QHvwutwh2hhhcaPvejRThp:hA5POgyXGS30W6Q4S6aPqlhp

Targets

    • Target

      53a0065dff3ef86ab16731ad82d614bf_JaffaCakes118

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
