General

  • Target

    b1011afb22057adcd3fa75288965c6fd_JaffaCakes118

  • Size

    70KB

  • Sample

    241129-nt7xjsyjgp

  • MD5

    b1011afb22057adcd3fa75288965c6fd

  • SHA1

    47a993649350b04beea849f8252d14da049e1fa9

  • SHA256

    bc1dcbdf3a0dfe8424d1faf63eb6a28c27f969d8f4df02c3dfd30c2837dab674

  • SHA512

    47a203ecd5023efcf6508d7b665f6a1f8d50dbfa81265ecb8d0a4fd9d81e7eb0dd72ef3ff4692a996c2216133a1f3b9d91725ae747cf722442cc0f26ab203b45

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJNOQdJ:JxqjQ+P04wsmJCL

Targets

    • Target

      b1011afb22057adcd3fa75288965c6fd_JaffaCakes118

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
