Overview

overview

10

Static

static

3

305cadd5e4...18.exe

windows7-x64

10

305cadd5e4...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    305cadd5e45ddb4484aac38a42238db4_JaffaCakes118

  • Size

    40KB

  • Sample

    241010-rw6n2szgpc

  • MD5

    305cadd5e45ddb4484aac38a42238db4

  • SHA1

    ad25b31e472b6cc28a583e9033f3ed9fdf386a97

  • SHA256

    da7cad2018335e3aca8f9dc04b72dbd35707d8b0609d82ce67df2a96ba74a25f

  • SHA512

    35415bf9747eae5343ed671f20f0160a18c11c99827952287701483153a209a8583d08062a460d23bca24156b461723c324c319becb58f41250e05e93f15822a

  • SSDEEP

    768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      305cadd5e45ddb4484aac38a42238db4_JaffaCakes118

    • Size

      40KB

    • MD5

      305cadd5e45ddb4484aac38a42238db4

    • SHA1

      ad25b31e472b6cc28a583e9033f3ed9fdf386a97

    • SHA256

      da7cad2018335e3aca8f9dc04b72dbd35707d8b0609d82ce67df2a96ba74a25f

    • SHA512

      35415bf9747eae5343ed671f20f0160a18c11c99827952287701483153a209a8583d08062a460d23bca24156b461723c324c319becb58f41250e05e93f15822a

    • SSDEEP

      768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks