General
-
Target
5c3d33d53dfa8817a57741950e667fb3_JaffaCakes118
-
Size
134KB
-
Sample
240719-ra1wnsvclr
-
MD5
5c3d33d53dfa8817a57741950e667fb3
-
SHA1
06d10a88f4131fdb4d753d3a2ca831bb33c807d8
-
SHA256
185495b1bde39986af2ddf22416b498cce577ab19905c6f15af3329136b9a6f6
-
SHA512
6227b347d9763093f1ecf278f5785a137f9638a9054a7dd8c1b5e29b6f6ac3dffc46e83255c9476bf616883aa60c46c51b6c1cb43ecbe414b1e876f26eb04488
-
SSDEEP
1536:JxqjQ+P04wsmJCAswC2jItkyCZxX2W+1Q7O4qwGBQxTL4lwtUgS9nWRBXLBYHSNt:sr85CcRZxv+1Q76tQxfsaq0XLIu1
Behavioral task
behavioral1
Sample
5c3d33d53dfa8817a57741950e667fb3_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5c3d33d53dfa8817a57741950e667fb3_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
5c3d33d53dfa8817a57741950e667fb3_JaffaCakes118
-
Size
134KB
-
MD5
5c3d33d53dfa8817a57741950e667fb3
-
SHA1
06d10a88f4131fdb4d753d3a2ca831bb33c807d8
-
SHA256
185495b1bde39986af2ddf22416b498cce577ab19905c6f15af3329136b9a6f6
-
SHA512
6227b347d9763093f1ecf278f5785a137f9638a9054a7dd8c1b5e29b6f6ac3dffc46e83255c9476bf616883aa60c46c51b6c1cb43ecbe414b1e876f26eb04488
-
SSDEEP
1536:JxqjQ+P04wsmJCAswC2jItkyCZxX2W+1Q7O4qwGBQxTL4lwtUgS9nWRBXLBYHSNt:sr85CcRZxv+1Q76tQxfsaq0XLIu1
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-