General
Target: 4668f88c02b5fbf98316a17eccf6a220_JaffaCakes118
Size: 242KB
Sample: 241015-hx426svglk
MD5: 4668f88c02b5fbf98316a17eccf6a220
SHA1: 6b326ac6b389fc09939db609ff8e2c525a7916bf
SHA256: e65db561681f6da6967d62a399aaa46db04c89ea12a234f2f33685d44530186d
SHA512: a2434b9a975ef429e33e3ce6ae97184eae414c89e2fc64341d2c9c14c23b06eb471ac593103a488827b0fa4694340d2dfaaef5c5ce0c6a48d25b7864a6ede7c8
SSDEEP: 6144:byH7xOc6H5c6HcT66vlmrIzZHfsvwLQUePSeqTFyH7xOc6H5c6HcT66vlmr+UePH:bazzZ/svwzePSRa+ePSK
Static task: static1
Behavioral task: behavioral1
Sample: 4668f88c02b5fbf98316a17eccf6a220_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4668f88c02b5fbf98316a17eccf6a220_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4668f88c02b5fbf98316a17eccf6a220_JaffaCakes118
Score: 10/10
Neshta
Malware from the Neshta family infects other files in order to spread and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association