General
-
Target
5c93df1ebdaac1b44ca8d511f002a3be_JaffaCakes118
-
Size
436KB
-
Sample
240719-s5dkas1hnf
-
MD5
5c93df1ebdaac1b44ca8d511f002a3be
-
SHA1
b3c9582130e0a143ebb0ade50cf343a2f361e711
-
SHA256
850584ec9faf4da3b2bac0b5d66829ae55527fbdb7d4268109d6da9968dbe411
-
SHA512
3089bde8444eca475fce522907ea7fa1a542dd7b45006bbe9ebaab98b14deb3b8863f5c01e00a6d54e8964276dfa500560e62bb946199dc7f50a655183506ee4
-
SSDEEP
12288:4mOCjTeoelU5wJwpZyJ9WwINR7AVpotED:5OCjOlUe469WBypotE
Static task
static1
Behavioral task
behavioral1
Sample
5c93df1ebdaac1b44ca8d511f002a3be_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5c93df1ebdaac1b44ca8d511f002a3be_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
5c93df1ebdaac1b44ca8d511f002a3be_JaffaCakes118
-
Size
436KB
-
MD5
5c93df1ebdaac1b44ca8d511f002a3be
-
SHA1
b3c9582130e0a143ebb0ade50cf343a2f361e711
-
SHA256
850584ec9faf4da3b2bac0b5d66829ae55527fbdb7d4268109d6da9968dbe411
-
SHA512
3089bde8444eca475fce522907ea7fa1a542dd7b45006bbe9ebaab98b14deb3b8863f5c01e00a6d54e8964276dfa500560e62bb946199dc7f50a655183506ee4
-
SSDEEP
12288:4mOCjTeoelU5wJwpZyJ9WwINR7AVpotED:5OCjOlUe469WBypotE
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-