General
-
Target
377294dbec391645cc1922146e98257b_JaffaCakes118
-
Size
202KB
-
Sample
241011-3x5nxswajq
-
MD5
377294dbec391645cc1922146e98257b
-
SHA1
f2dbf86efad0c2fd78725d6dac2bf1849ac07130
-
SHA256
c8ae06ec3589c2afaf531c61da43ad307f14d8b80aa552551121a1c703dd59b1
-
SHA512
77d0d0bf293c5d34e2540de1a88e839f9b1e1b1bdf0b3c7eb6105b7471fc32936b720e9d382216870335741988772da64c47f0295cfa249bf0fd0748beeda1d2
-
SSDEEP
3072:sr85CXzZ+pLS6h16zfMzN/O3zy/E6t0br59JYr85C:k9XzZ8XcEfS59y9
Malware Config
Targets
-
-
Target
377294dbec391645cc1922146e98257b_JaffaCakes118
-
Size
202KB
-
MD5
377294dbec391645cc1922146e98257b
-
SHA1
f2dbf86efad0c2fd78725d6dac2bf1849ac07130
-
SHA256
c8ae06ec3589c2afaf531c61da43ad307f14d8b80aa552551121a1c703dd59b1
-
SHA512
77d0d0bf293c5d34e2540de1a88e839f9b1e1b1bdf0b3c7eb6105b7471fc32936b720e9d382216870335741988772da64c47f0295cfa249bf0fd0748beeda1d2
-
SSDEEP
3072:sr85CXzZ+pLS6h16zfMzN/O3zy/E6t0br59JYr85C:k9XzZ8XcEfS59y9
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-