General

  • Target

    5b831521d3103681cfe885a9c93c0f72_JaffaCakes118

  • Size

    275KB

  • Sample

    240719-ma4kcawbpk

  • MD5

    5b831521d3103681cfe885a9c93c0f72

  • SHA1

    505dee37cf70e785de61963e6793e439db05ecf6

  • SHA256

    d5cb208c64bac622af5f32996e92c9c1379dc430edf3ab8126ad13de3bd61e61

  • SHA512

    78d062eece4e4ed2f51237f0a798080a2cd8b67bfc69592b6305c130dff1716c2683089ea3f1753c5e03b873352dadb210c171ef5519c4e940bf852091276bd9

  • SSDEEP

    6144:PuwIUgWaxiL7DiedfWxzIqhim7TzyGw60f0BKg:STW0qDRdfWxzrhRyf0B7

Targets

    • Target

      5b831521d3103681cfe885a9c93c0f72_JaffaCakes118

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
