General
-
Target
5903b8dcae2cc721a8745e1e63929675_JaffaCakes118
-
Size
235KB
-
Sample
240718-zmgbsswarn
-
MD5
5903b8dcae2cc721a8745e1e63929675
-
SHA1
a4dc73ba87196d55a3cb1ee13f62e8b43049848b
-
SHA256
a9a369c075b8473f5010971439f22bb4af8d57afb5408b0063ca375134fd45db
-
SHA512
84b797583f1e30473b5a097a70987f6aa52dc4592a7ce1f176ce2acd3fd650ac3140d6cb63afb8e1f25000d8fdd7b26e222699f55a9abe5116a9a423b8bdc842
-
SSDEEP
6144:k9fnBCY0z7yBxt8HLVCs+bte/hD8ApH8Apv:iBFoyq5+GhIApcApv
Behavioral task
behavioral1
Sample
5903b8dcae2cc721a8745e1e63929675_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5903b8dcae2cc721a8745e1e63929675_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
5903b8dcae2cc721a8745e1e63929675_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-