General
Target: 6aacc214e0092ba7b39384645593d368_JaffaCakes118
Size: 757KB
Sample: 240724-hwd5cstdrr
MD5: 6aacc214e0092ba7b39384645593d368
SHA1: 19da12d013e8844b11f7f8a5d3df1e99d48ef977
SHA256: 00cf25347a33146993edc7e483ec0666eaf371da01f7455117a3f237a5172588
SHA512: f327d0fc8f5ec249746acfaa456caf12fa5e33e9c28930a3865377550eeebb047ccbb15833f5d4015cf0f406bf46c2d0d84fa702ca151711cb7487f33f140513
SSDEEP: 12288:q51PwDZ+Hqku4edEyhZLLeDfV0qyAm5sYJ23Fq/mjMwPeJaUmcq90:aYDZ+Tu4tyTeD90qyDJv/mOJzD

Behavioral task: behavioral1
Sample: 6aacc214e0092ba7b39384645593d368_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 6aacc214e0092ba7b39384645593d368_JaffaCakes118.exe
Resource: win10v2004-20240709-en

Malware Config
Targets
Target: 6aacc214e0092ba7b39384645593d368_JaffaCakes118
Score: 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association