General
-
Target
961164d83abcf8495f75605a5d8473fd_JaffaCakes118
-
Size
750KB
-
Sample
241124-vmx74awlfm
-
MD5
961164d83abcf8495f75605a5d8473fd
-
SHA1
2a47755382e9d36694c826f9e505f288f58b6b80
-
SHA256
ce2c1fa10811b288d95053ebd8ba356cccd25ca098fb4e4f0bbe61c6f5d54292
-
SHA512
163f04f1a7a686bf13474d3ae4af3d882e0396255815876e2328c1f9da547d99199e5739de91bfe262a94799d368ae6aa99ec5d3dc718509a61a0fe73a4abd04
-
SSDEEP
12288:h7G4qihqt4QNP52565qhdID2L6mVCPlZMvjPk2Z74y7TS+wMDuhhRL3aYYx2KaiK:hS4q6C4K525P02OmsPTMLP5Z74ESZEue
Malware Config
Targets
-
-
Target
961164d83abcf8495f75605a5d8473fd_JaffaCakes118
-
Size
750KB
-
MD5
961164d83abcf8495f75605a5d8473fd
-
SHA1
2a47755382e9d36694c826f9e505f288f58b6b80
-
SHA256
ce2c1fa10811b288d95053ebd8ba356cccd25ca098fb4e4f0bbe61c6f5d54292
-
SHA512
163f04f1a7a686bf13474d3ae4af3d882e0396255815876e2328c1f9da547d99199e5739de91bfe262a94799d368ae6aa99ec5d3dc718509a61a0fe73a4abd04
-
SSDEEP
12288:h7G4qihqt4QNP52565qhdID2L6mVCPlZMvjPk2Z74y7TS+wMDuhhRL3aYYx2KaiK:hS4q6C4K525P02OmsPTMLP5Z74ESZEue
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-