General

  • Target

    560cce0a7b0e93c4adfc88c22270826e_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240718-egqm3atgml

  • MD5

    560cce0a7b0e93c4adfc88c22270826e

  • SHA1

    eeee5b4dc84811c3f6dc1078e32f1cd19a49a313

  • SHA256

    87e79fa1058a89a4d2ad8f97b6f13ed4b0b6944a851b24cf6fa95e2f3e7f9640

  • SHA512

    3dd203b74d1dcb6827f82ae39649b1ad6bb5473c0519a6cf536674ad9eb3d1e6d5cd707d064023223aff30c6d8b0d9908b4a95f1057f37f6bbc73d5a6f2f8b91

  • SSDEEP

    24576:sEVdWKs0KRLZQ22Z5SEaa2Hm58axYFIxIb2T5E:ssctRL2JZ5p58axYFIxIt

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
