General
-
Target
96f555a40ad77004bda8ff8faa953f75_JaffaCakes118
-
Size
269KB
-
Sample
241124-yyxmgstkbq
-
MD5
96f555a40ad77004bda8ff8faa953f75
-
SHA1
6831d5ecf113ed181eef7c7f5bb2f3c4554b6368
-
SHA256
cf80745f886b0145b3bbad129a393f39ee15613d07ce73e76a29b85c14c09875
-
SHA512
97f467e37bad7524a136dbd53cab8680facb5ab994a6d9cd40e27834f9c90c8c8759719c63dd7a7d29e8230a60a0cd385d8c369992daddd9efdfde70c2c743e4
-
SSDEEP
3072:sr85CJ8C4SxIbhDHwDV+BDfDIv391t6XLga7lmIHZzjpu5w/dAIzKBZ9ldgmR:k9JIx3jDIp6XMTsjpXnzKPOa
Malware Config
Targets
-
-
Target
96f555a40ad77004bda8ff8faa953f75_JaffaCakes118
-
Size
269KB
-
MD5
96f555a40ad77004bda8ff8faa953f75
-
SHA1
6831d5ecf113ed181eef7c7f5bb2f3c4554b6368
-
SHA256
cf80745f886b0145b3bbad129a393f39ee15613d07ce73e76a29b85c14c09875
-
SHA512
97f467e37bad7524a136dbd53cab8680facb5ab994a6d9cd40e27834f9c90c8c8759719c63dd7a7d29e8230a60a0cd385d8c369992daddd9efdfde70c2c743e4
-
SSDEEP
3072:sr85CJ8C4SxIbhDHwDV+BDfDIv391t6XLga7lmIHZzjpu5w/dAIzKBZ9ldgmR:k9JIx3jDIp6XMTsjpXnzKPOa
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-