General
-
Target
3df8bc16423c66b8b7a749ab9fa1d120_JaffaCakes118
-
Size
162KB
-
Sample
241013-fs77xsvdmm
-
MD5
3df8bc16423c66b8b7a749ab9fa1d120
-
SHA1
afe17f331a2f3d19cb012f889472ce8480a44522
-
SHA256
06d7008aa62ca0010d9338093de720e586ce902cb3c9ccfa3de222bbbe5e2b7c
-
SHA512
ebddec5f8bb105592bdce93682051aec89d7062a8d0838d17f2441fda1debc65dc84ca57b0107ebbee7ba5bdd8e5e0ec27e9bbb50cb97dc35622ba66acc4e7c5
-
SSDEEP
1536:JxqjQ+P04wsmJCDCSrLem+sMEP+1F0A0LR+x6nv2rAPPNDcSxPU+1F0A0LR+x6nl:sr85CDCSrLem+scp0Lmg7fp0Lmg7Z
Behavioral task
behavioral1
Sample
3df8bc16423c66b8b7a749ab9fa1d120_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3df8bc16423c66b8b7a749ab9fa1d120_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
3df8bc16423c66b8b7a749ab9fa1d120_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-