General

  • Target

    5be29c81cced136a52d18326c28f5bef_JaffaCakes118

  • Size

    84KB

  • Sample

    240719-pcp6vatele

  • MD5

    5be29c81cced136a52d18326c28f5bef

  • SHA1

    24386918ec7460b85eb865d2eb7d8678fb19540a

  • SHA256

    7b90a72232cf86675ab97f4419602e81469c1a6b6970f1b6382582157c337572

  • SHA512

    333a026ba20fe309eb275ab2d4d5d6ee7e92772411ac7f404c634d04be30a533db702dea635380d781c4a984599475e22b222f3af927b33fef6a484865617f5b

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJUix6FFL58fsSaiSVpyCoHtZ2aDxwo0:JxqjQ+P04wsmJCliG6ESaJe4o0A

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is a file infector: it injects its own code into other executables on the system in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (running or aborting based on the victim's locale).

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive information.

MITRE ATT&CK Enterprise v15

Tasks