General

  • Target

    4487fb8e62f78d80479fddce833be61a_JaffaCakes118

  • Size

    92KB

  • Sample

    241014-2mmjxszfmf

  • MD5

    4487fb8e62f78d80479fddce833be61a

  • SHA1

    3dbd592df9e89df08265b5e3b54c60554caa8f8d

  • SHA256

    feb7030c8acfe01edda5839ba256060e696c35c0ed60f5ddca5e8b850a99cf67

  • SHA512

    e338cfa1530c06243b45a7a8c9be089828ac9bde4c7c8e02baf2ccbbbe5551c7e8d8e4e6727f28c093708c29c802684b1d515458123fd002ca7d87ee26432b20

  • SSDEEP

    1536:7xqjQ+P04wsZLnDrCwMIZPTvuwA/EMeWS14fuw9sEJBq6zPkM5r5E:Cr8WDrC9IZTuwAtcusSzPkUr+

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
