General
Target: d2fc4163a2e782ce76b4c9a2b49e1906_JaffaCakes118
Size: 161KB
Sample: 240907-2nalrasapf
MD5: d2fc4163a2e782ce76b4c9a2b49e1906
SHA1: 8f79672ee2eb2a8666317782b9095df197ff8246
SHA256: 65f9ac0ffc856ed1199c7947cb78cbd35e76c6f8b3eaa119f29dca965610b0ae
SHA512: 3d012d9f720297b9eb21f99f37de06fcd917e8483fe774323c48b3c483a84f9c5749a69b144693262fe934399419507b8ca3b5fb0ddf49488d172003da150a86
SSDEEP: 3072:sr85C1at3ozsL4WMKjqNqJxf5PppkQIJINw7:k9tQL4WMKjYqJxxPpp+INq
Behavioral task: behavioral1
Sample: d2fc4163a2e782ce76b4c9a2b49e1906_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d2fc4163a2e782ce76b4c9a2b49e1906_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association