General
-
Target
c6809c59a0f3fe3b79fdbccc3392bda4_JaffaCakes118
-
Size
522KB
-
Sample
241205-hywgestnfz
-
MD5
c6809c59a0f3fe3b79fdbccc3392bda4
-
SHA1
3316eae23659e2df1403de0d8c5b0141a3237a7c
-
SHA256
b2950de7ddc3044afbcdb6a88c2da96d602d693b192fc52eed1884538a000b3f
-
SHA512
a5128e7835e54e1b7e8d54f8373999e454820c9255705df91432e0c82e10dd49f3ce2f7687b1b3b326bdd43ff8beab31a2c0f520def80111c01f4fcb877f872f
-
SSDEEP
6144:PuG6FJwLjMlvYzErIaWdGs6R54p7Z+/z9B4pfn0TRBR/acvctUOuaP97:36FuL92Ia+GFS+LPTnIn+I7
Malware Config
Targets
-
-
Target
c6809c59a0f3fe3b79fdbccc3392bda4_JaffaCakes118
-
Size
522KB
-
MD5
c6809c59a0f3fe3b79fdbccc3392bda4
-
SHA1
3316eae23659e2df1403de0d8c5b0141a3237a7c
-
SHA256
b2950de7ddc3044afbcdb6a88c2da96d602d693b192fc52eed1884538a000b3f
-
SHA512
a5128e7835e54e1b7e8d54f8373999e454820c9255705df91432e0c82e10dd49f3ce2f7687b1b3b326bdd43ff8beab31a2c0f520def80111c01f4fcb877f872f
-
SSDEEP
6144:PuG6FJwLjMlvYzErIaWdGs6R54p7Z+/z9B4pfn0TRBR/acvctUOuaP97:36FuL92Ia+GFS+LPTnIn+I7
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-