General
Target: 5a64fc0a68706478317b39d56f4729e6_JaffaCakes118
Size: 708KB
Sample: 241019-cwm5dateml
MD5: 5a64fc0a68706478317b39d56f4729e6
SHA1: 0cc786582a3c21b44e6543ec62d3b54d83b32d19
SHA256: 24d45146ec14d5b0d3a7fa7078a6c7d45b8f8ac8466f9c54d0a0b4e5700bf1a1
SHA512: b2a0f56f7e33abb2d4cda285f72c8ca2d935a948d863364093e77cad8f8bb070bbe775b5e0d3474cfe3ba8662f9d11135aa616bfa966d70722b16687301cae66
SSDEEP: 12288:gMHlGpUU2R+zZanjrn+6RljNLjALlXZXrG4YYRbGXrmFCNJ2lhQFAdjulK:gVUwZ8nTRZJALNBy4YmGSFCr23QMKlK
Behavioral task: behavioral1
Sample: 5a64fc0a68706478317b39d56f4729e6_JaffaCakes118.exe
Resource: win7-20241010-en
Malware Config
Targets
Target: 5a64fc0a68706478317b39d56f4729e6_JaffaCakes118
Detect Neshta payload

Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association