General

  • Target

    55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240718-dmx4nasenq

  • MD5

    55e9c1660b5b67c88513cdb090ba8924

  • SHA1

    a1922a6cac696fcbe7504d76d2dfae5301d14e4f

  • SHA256

    208f663d72207cdc69f53cf5bcde289a465a56981ee691543e6892d5205527d7

  • SHA512

    9ba566aa3cdaa5b243dcd5aed3191b04952a3186189f3553f4ec4fee42598955e09ee1705264b634e85ddf145402bd3f49fe5afe0a295143d70894aec2474163

  • SSDEEP

    24576:mESKh4Pyz3xXytAuQ12l12BuDcYlDMpkWXTOAN1vDhDsSlqa4WVS7ah:mKz3xXySjYlDcXTOA/Dpf

Malware Config

Targets

    • Target

      55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118

    • Size

      1.3MB

    • MD5

      55e9c1660b5b67c88513cdb090ba8924

    • SHA1

      a1922a6cac696fcbe7504d76d2dfae5301d14e4f

    • SHA256

      208f663d72207cdc69f53cf5bcde289a465a56981ee691543e6892d5205527d7

    • SHA512

      9ba566aa3cdaa5b243dcd5aed3191b04952a3186189f3553f4ec4fee42598955e09ee1705264b634e85ddf145402bd3f49fe5afe0a295143d70894aec2474163

    • SSDEEP

      24576:mESKh4Pyz3xXytAuQ12l12BuDcYlDMpkWXTOAN1vDhDsSlqa4WVS7ah:mKz3xXySjYlDcXTOA/Dpf

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks