General
-
Target
55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118
-
Size
1.3MB
-
Sample
240718-dmx4nasenq
-
MD5
55e9c1660b5b67c88513cdb090ba8924
-
SHA1
a1922a6cac696fcbe7504d76d2dfae5301d14e4f
-
SHA256
208f663d72207cdc69f53cf5bcde289a465a56981ee691543e6892d5205527d7
-
SHA512
9ba566aa3cdaa5b243dcd5aed3191b04952a3186189f3553f4ec4fee42598955e09ee1705264b634e85ddf145402bd3f49fe5afe0a295143d70894aec2474163
-
SSDEEP
24576:mESKh4Pyz3xXytAuQ12l12BuDcYlDMpkWXTOAN1vDhDsSlqa4WVS7ah:mKz3xXySjYlDcXTOA/Dpf
Behavioral task
behavioral1
Sample
55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
55e9c1660b5b67c88513cdb090ba8924_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to insert itself into other files in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-