General
-
Target
ead2b784eea46d7d5e999e7210235b89_JaffaCakes118
-
Size
90KB
-
Sample
240919-hzx2mswgkb
-
MD5
ead2b784eea46d7d5e999e7210235b89
-
SHA1
e16382b1b6c54a884229abb30d805217fd848a73
-
SHA256
1ee475daf6daf3fff7d50e978d750be538e57dab9df2cfe0e4fd096c7eb7b64c
-
SHA512
b48aabe120da2d3356f9a69543d66d713e3ad3ef03770d9075333239825415abf9abd98f397868167ca00e047b2f1b1fccef614423f2732f21326eea4ace5e2c
-
SSDEEP
1536:JxqjQ+P04wsmJCsen7+vfppdtAwD5TrBkrG3C4tk8MXZJ5cc:sr85Cn7+XAwYrGSwk8MXZJGc
Behavioral task
behavioral1
Sample
ead2b784eea46d7d5e999e7210235b89_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ead2b784eea46d7d5e999e7210235b89_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ead2b784eea46d7d5e999e7210235b89_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-