General
-
Target
818d19a283654fc28837b37384b76644_JaffaCakes118
-
Size
2.5MB
-
Sample
241031-eh9sbs1khn
-
MD5
818d19a283654fc28837b37384b76644
-
SHA1
a73de417eb2abe8a33fa32923e65bdb0b0119d12
-
SHA256
e9bf55e92d9135320416a67d7a90ff616a55b325141f4d792fc64000d679d070
-
SHA512
70d958d4cddb552a3a9c710474a01aa399a5c62283d6622641956491a9d9a42a3b704e65179ce430c33b3becb317daef4016a900d1e43a77d62d3a4a017ce03b
-
SSDEEP
49152:/iC/rk62xWNol+5gOsLO66qJ6021cJjLtk4pWGNG5VGFPNqJyoTs9:hrZ23AbsK6Ro022JjL2WEiVqJZy
Malware Config
Targets
-
-
Target
818d19a283654fc28837b37384b76644_JaffaCakes118
-
Size
2.5MB
-
MD5
818d19a283654fc28837b37384b76644
-
SHA1
a73de417eb2abe8a33fa32923e65bdb0b0119d12
-
SHA256
e9bf55e92d9135320416a67d7a90ff616a55b325141f4d792fc64000d679d070
-
SHA512
70d958d4cddb552a3a9c710474a01aa399a5c62283d6622641956491a9d9a42a3b704e65179ce430c33b3becb317daef4016a900d1e43a77d62d3a4a017ce03b
-
SSDEEP
49152:/iC/rk62xWNol+5gOsLO66qJ6021cJjLtk4pWGNG5VGFPNqJyoTs9:hrZ23AbsK6Ro022JjL2WEiVqJZy
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-