General
-
Target
910f1588ba6cedb2b81d1901e6bad2f1_JaffaCakes118
-
Size
191KB
-
Sample
241123-2lcckawqep
-
MD5
910f1588ba6cedb2b81d1901e6bad2f1
-
SHA1
88a8e66280f0eebbec0950bc6d05cd30b1a216db
-
SHA256
d5205595a0337e722ec126ed482981852a9191636dd2ba383e0bc2c11fb9f043
-
SHA512
c601fc1752cdfaff8e0b23a5484658d6753b0933732a05e2f1928a4fb4c5fdd37e035a395145f08cf08d56464ffed51633176e1be47c6e079af05f0a4463914d
-
SSDEEP
1536:JxqjQ+P04wsmJCQ3CvsRZ7dsw0wcLxoge4P/F5F5g5gUaCGDETeGNniPoPTeGNn+:sr85CQSvsRRl0Bagee/F5F5g5gFOfs
Malware Config
Targets
-
-
Target
910f1588ba6cedb2b81d1901e6bad2f1_JaffaCakes118
-
Size
191KB
-
MD5
910f1588ba6cedb2b81d1901e6bad2f1
-
SHA1
88a8e66280f0eebbec0950bc6d05cd30b1a216db
-
SHA256
d5205595a0337e722ec126ed482981852a9191636dd2ba383e0bc2c11fb9f043
-
SHA512
c601fc1752cdfaff8e0b23a5484658d6753b0933732a05e2f1928a4fb4c5fdd37e035a395145f08cf08d56464ffed51633176e1be47c6e079af05f0a4463914d
-
SSDEEP
1536:JxqjQ+P04wsmJCQ3CvsRZ7dsw0wcLxoge4P/F5F5g5gUaCGDETeGNniPoPTeGNn+:sr85CQSvsRRl0Bagee/F5F5g5gFOfs
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-